Dailydave mailing list archives

Re: Google Apps Engine

From: Jeremy Kelley <jeremy () austin ibm com>
Date: Fri, 11 Apr 2008 12:06:13 -0500

Quoting Lutz B?hne (lboehne () damogran de):

Python is fun, there are so many ways to have it do what you want ;)

It might be possible to remove these functions like this:

    >>> del __builtins__.__dict__["open"]
    >>> open('/etc/passwd')
    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
    NameError: name 'open' is not defined
    [...]

But i don't know whether that'd get rid of all problems.


doh!  Good catch on the builtins.  I should have looked further for that
example.

I did see today that Guido was one of the lead guys on the google
appserver codebase.  I'd be interested in hearing from him on ways they
may be preparing to offer a sanitized environment.

-j

-- 
Jeremy Kelley <jeremy () austin ibm com>               Sr. Threat Analyst
gpg  1024D/E0DF8B2D  4BC3 B8B5 5B42 CC8E B6A9 2E85 32D3 C51C E0DF 8B2D
That's the problem with science.  You've got a bunch of empiricists
trying to describe things of unimaginable wonder.      -Bill Watterson
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Google Apps Engine Dave Aitel (Apr 08)
- Re: Google Apps Engine jf (Apr 08)
- Re: Google Apps Engine Jeremy Kelley (Apr 08)
  - Re: Google Apps Engine jf (Apr 08)
  - Re: Google Apps Engine Lutz Böhne (Apr 11)
    - Re: Google Apps Engine Jeremy Kelley (Apr 11)
    - Re: Google Apps Engine Aidan Thornton (Apr 12)
    - Re: Google Apps Engine Thomas Ptacek (Apr 13)