cloudsecurity.org has an interview with Guido van Rossum on the topics of Google App Engine, Python and Security. "cloudsecurity.org: I recently attended a fascinating talk by Justin Ferguson (a Seattle based security consultant) at eusecwest in London. He gave a great talk exploring security vulnerabilities in language interpreters and specifically highlighted some security weaknesses in Python App Engine. What are your thoughts on his research and specifically the Python issues he highlighted? When do you anticipate they will get fixed? GvR: We've anticipated all of the possibilities raised in Justin's talk, and took measures to protect our users. Justin highlighted weaknesses in Python, but not in App Engine. Furthermore, our security model does not rely solely upon protections within the Python interpreter; there are additional protections that these external analyses have missed."
News stories are provided by third parties, used with permission,
and copyright of their various respective owners.
Answers 2000 Limited has not necessarily reviewed,
and does not necessarily endorse or
agree with any content of, or views expressed in, all such items.
Comments are posted by our users. Answers 2000 Limited has not
necessarily reviewed,
and does not necessarily endorse or
agree with any content of, or views expressed in, comments.
