OWASP Python Security Project – Pysec released.

Python Security is a free, open source OWASP project that aims to create a hardened version of Python, making it easier for security professionals and developers to write applications that are more resilient to attacks and manipulation.
The project is designed to explore how web applications can be developed in Python by approaching the problem from three different angles:
– Security in Python: white-box analysis, structural and functional analysis
– Security of Python: black-box analysis, identify and address security-related issues
– Security with Python: develop security hardened Python suitable for high-risk and high-security environments

Security in Python
White-box analysis: structural and functional analysis of Python applications and open source code.
We focused our efforts on:
+ Techniques for string evaluation and string protection
+ Functional whitelisting and blacklisting for both strings and streams
+ Implicit and explicit access controls in the source code
+ Error detection and error handling
+ Safer object serialization for inter-process communication
+ Detection and reaction to events that can lead to SBE and MBE
+ Handling of unexpected and non-standard behaviors in communication protocols
+ Mitigation of risks related to importable libraries
+ Logging with event-handling controls to facilitate application monitoring
+ Modular application checkpointing using finite state automata

Security of Python
Black-box analysis: identifying and addressing security-related issues that can affect the interpreter.

We focused our efforts on:
+ Implementation of functional sandboxing
+ Safer application output to system consoles
+ Single and chained exception handling
+ Protection of command strings passed to the OS
+ Checks and controls of data streams in sockets
+ Low level primitives for controlling Python->OS interactions
+ File and object permission controls
+ Improved controls for multiprocess operations
+ Enforcement of data and memory limits
+ Controls over I/O operations on file objects

Software prerequisites:
– Linux
– Python 2.7
git clone https://github.com/ebranca/owasp-pysec.git
cd owasp-pysec/
python2.7 setup.py install

Source : http://www.pythonsecurity.org/