[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Python CGI sandboxing advice (packaging of Online Python Tutor) - Was: Re: Best-practice / howto packaging of CGI-based Web app ?

On Sun, Feb 9, 2014 at 11:05 PM, Olivier Berger wrote:

> AFAICS for now, it uses a whitelist of python modules that are allowed
> (see [0]).

Those look mostly safe. Only things I could think of would be entropy
exhaustion via random or DoS via a big bunch of math or a big regex. I
would suggest asking debian-python or the upstream python community
and the Debian security list.

> Maybe a CGI sandboxing solution could be advised, for running over a
> "normal" Debian system ?

https://wiki.python.org/moin/SandboxedPython

-- 
bye,
pabs

http://wiki.debian.org/PaulWise
Reply to: