[Qgis-developer] Sandboxing python

Nathan Woodrow madmanwoo at gmail.com
Mon Oct 17 02:19:58 PDT 2016


For context from here: https://lwn.net/Articles/574215/

"I now agree that putting a sandbox in CPython is the wrong design. There
are too many ways to escape the untrusted namespace using the various
introspection features of the Python language. To guarantee the [safety] of
a security product, the code should be [carefully] audited and the code to
review must be as small as possible. Using pysandbox, the "code" is the
whole Python core which is a really huge code base. For example, the Python
and Objects directories of Python 3.4 contain more than 126,000 lines of C
code.

The security of pysandbox is the security of its weakest part. A single bug
is enough to escape the whole sandbox."



On Mon, Oct 17, 2016 at 7:17 PM, Nathan Woodrow <madmanwoo at gmail.com> wrote:

> Honestly, this is getting tiresome.
>
> If you don't like the approval processes that we have in place currently
> you can create a new plugin repo, it's just an XML file exposed via
> webserver, there are docs around for it.
>
> You can give this URL to people and they can install your plugins via that.
>
> If you don't want to do that, then you will have to go through the
> approval process.  I'm sure there are reasons it took longer than normal,
> maybe review those first.
>
> If you want to follow the sandboxed Python route and see how far you get
> fine, however again I suspect you are in for a long road given the complex
> nature of that and you would still have to
> be able to support what we can in core, etc.
>
> - Nathan
>
>
> On Mon, Oct 17, 2016 at 6:31 PM, Geo DrinX <geodrinx at gmail.com> wrote:
>
>>
>>
>> 2016-10-17 10:19 GMT+02:00 Nathan Woodrow <madmanwoo at gmail.com>:
>>
>>> Qgis uses CPython. You also have to sandbox Qt, so I suspect you are
>>> running into a lot of dead ends.
>>>
>> Thank you for the suggestion.  We will see who is moving in dead ends.
>> :)
>>
>> I am the crow's nest of the ship and I am experiencing the arrival of
>> the iceberg.
>> And I hear the orchestra playing :)
>>
>>
>> Best regards and wishes for a safe journey.   ;)
>>
>>
>> Geo
>>
>> PS:  and then if you want to exit from the one direction maze you are
>> going,  here I am.
>> PPS:  in the meantime, take a look of this competition:
>> https://goo.gl/WR8LVF
>>
>
>
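
The pysandbox remark quoted at the top of this message, shown as an added illustration (not code from this thread, from pysandbox or from QGIS): emptying `__builtins__` hides names, but introspection from any literal still reaches every loaded class, which is why the code to audit becomes the whole interpreter. The function names and the sample source strings are constructed for this example.

```python
# Added illustration: a namespace with no builtins is not a security boundary,
# because introspection reaches the interpreter's object graph from any literal.

# Constructed sample of "untrusted" source; it uses no builtin name at all.
UNTRUSTED = "result = ().__class__.__base__.__subclasses__()"


def run_restricted(source):
    """Execute source with an empty __builtins__ (the naive restriction)."""
    scope = {"__builtins__": {}}
    exec(source, scope)
    return scope


def name_is_blocked(source):
    """True if the restricted namespace rejects the source with NameError."""
    try:
        run_restricted(source)
    except NameError:
        return True
    return False


def reachable_classes():
    """Classes the restricted code can enumerate despite having no builtins."""
    return run_restricted(UNTRUSTED)["result"]


def audit_surface(classes):
    """Modules owning the reachable classes: all of it is code to review."""
    return sorted({str(getattr(c, "__module__", "?")) for c in classes})


if __name__ == "__main__":
    classes = reachable_classes()
    print("direct builtin name blocked:", name_is_blocked("open"))
    print("classes still reachable:", len(classes))
    print("modules in audit surface:", len(audit_surface(classes)))
```

A host application that imports Qt bindings before running plugin code makes this list longer still, since those classes are subclasses of `object` as well.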