Re: Python CGI sandboxing advice (packaging of Online Python Tutor)

To: debian-python@lists.debian.org, debian-webapps@lists.debian.org
Subject: Re: Python CGI sandboxing advice (packaging of Online Python Tutor)
From: Jakub Wilk <jwilk@debian.org>
Date: Thu, 13 Feb 2014 00:27:36 +0100
Message-id: <[🔎] 20140212232736.GA21610@jwilk.net>
Mail-followup-to: debian-python@lists.debian.org, debian-webapps@lists.debian.org
In-reply-to: <[🔎] 87ob2fgut3.fsf_-_@inf-8660.int-evry.fr>
References: <874n4dbs2u.fsf@inf-8660.int-evry.fr> <CAKTje6GA1gyPq-qiD1jDjxWVUVzHdh4eGoK3GgBSnAyxWFaa8A@mail.gmail.com> <CAKTje6Fni3EyW1tO7rOzvGGH500g=NHJ=QfTeHRnNxOTu-vX2Q@mail.gmail.com> <8761oo498f.fsf@inf-8660.int-evry.fr> <[🔎] 87ob2fgut3.fsf_-_@inf-8660.int-evry.fr>

* Olivier Berger <olivier.berger@telecom-sudparis.eu>, 2014-02-10, 10:51:

The CGI's code is supposed to be safeguarding against abuse,


The protection is not very good. (I'll disclose the details later.)

but I think some sandboxing would be better at the CGI invocation foradditional security.


Agreed.

--
Jakub Wilk

Reply to:

References:
- Re: Python CGI sandboxing advice (packaging of Online Python Tutor)
  - From: Olivier Berger <olivier.berger@telecom-sudparis.eu>