Issue409315

classification
Title: Interpreter Security
Type: rfe Severity: normal
Components: None Versions:
Milestone:
process
Status: closed Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: leknor, st0rmid
Priority: normal Keywords:

Created on 2001-03-17.04:38:41 by leknor, last changed 2003-01-01.03:42:10 by st0rmid.

Messages
msg2990 (view) Author: William McArthur (leknor) Date: 2001-03-17.04:38:41 
I want to write something like a web game where people can write scripts and submit them to be run on my server. I would like to avoid reinventing the wheel and use jython but I need a way to prevent people from writing scripts that access some data like the file system or privileged data and that won't get stuck in infinite loops. Does jython support this kind of runtime security? If not is there a plan for it?
msg2991 (view) Author: peter hunt (st0rmid) Date: 2003-01-01.03:42:10 
Logged In: YES 
user_id=557549

I suppose you could invoke the jython interpreter from within your Java 
program, and set a SecurityManager before you execute it.
History
Date User Action Args
2001-03-17 04:38:41leknorcreate

Supported by Python Software Foundation,
Powered by Roundup