Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Python safety #832

Open
3 tasks
lowtorola opened this issue Oct 11, 2024 · 0 comments
Open
3 tasks

Python safety #832

lowtorola opened this issue Oct 11, 2024 · 0 comments
Labels
go Pull requests that update Go code module: saturn Related to the Saturn module module: titan Related to the Titan module priority: p2 medium type: feature New feature or request, or quick non-essential bugfix
Milestone
Python Infra Support

Comments

@lowtorola
Copy link
Contributor

Now that we will be accepting python submissions, we need to be sure that all of our infrastructure is safe from potentially-malicious python code. This safety testing should include detailed analysis of the following:

  • our compilation runners cannot be affected by the python code (this should be safe :))
  • our execute runners are not susceptible to injection/attack by python code (here, a dev should try to actually inject/malign our infra)
  • our current usage of clamAV can catch bad python code (we should check that it catches reference suspicious code that should be retrievable from the internet)
@lowtorola lowtorola added type: feature New feature or request, or quick non-essential bugfix module: saturn Related to the Saturn module module: titan Related to the Titan module priority: p2 medium go Pull requests that update Go code labels Oct 11, 2024
@lowtorola lowtorola added this to the Python Infra Support milestone Oct 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
go Pull requests that update Go code module: saturn Related to the Saturn module module: titan Related to the Titan module priority: p2 medium type: feature New feature or request, or quick non-essential bugfix
Projects
None yet
Milestone
Python Infra Support
Development

No branches or pull requests
1 participant
@lowtorola