[Owasp-france] Fwd: [Owasp-leaders] OWASP Python Security first release

Sebastien Gioria sebastien.gioria at owasp.org
Mon Mar 24 07:23:40 UTC 2014

Je sais que nous avons beaucoup de python addict ici...
---------- Forwarded message ----------
From: "Enrico Branca" <enrico.branca at owasp.org>
Date: Mar 24, 2014 1:09 AM
Subject: [Owasp-leaders] OWASP Python Security first release
To: <owasp-leaders at lists.owasp.org>

Dear OWASP Leaders,

I am glad to inform that after one year of preparation, OWASP Python
Security (Pysec) Project team has published the first release.

OWASP Python Security (Pysec) is a project that aims at creating a
hardened version of python that makes it easier for security
professionals and developers to write applications more resilient to
attacks and manipulations.

We are publishing our code as PRE-ALPHA version, under heavy development
and NOT to be used in any production environment. Code is being
commented and we are drawing structural specifications, documentation
will follow shortly after.

Parallel to the code development we are working on a manual on secure
coding in python that will be released as soon as we will have the first
stable version, hopefully within six month.

Still a long way from being ready for real use but we feel is a
significant step forward in reaching our goals, and we hope some of you
may get involved in this project as well.

Project website:

Development roadmap:

Development repository:

Some of OWASP Pysec features
+ Custom libraries in C and Python with functional controls
+ Import functions with version control and hash check for integrity
+ Logging supports flow controls, checkpoints and external handlers
+ Error handling and detection using finite state automata
+ Library for on-disk data structures and information storage
+ File operation library with data verification and file system hooks
+ Splitters for sequence-like objects to improve memory usage and speed

Current OWASP Pysec "work in progress"
+ Multi-purpose Queue Library
+ Logging thread-safe and multiprocess/multithread aware
+ Hardened protocol libraries for POP3/SMTP/IMAP4/FTP
+ Internal control library to enforce type and data verification
+ Library to enable process and permission controls on OS objects
+ Library to include OWASP ESAPI specifications and security controls

We would love to hear your feedback on this project, bug reports,
suggestions and contributions are all very welcome.

Thank you,
Enrico Branca
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-france/attachments/20140324/1a911dbc/attachment.html>

More information about the Owasp-france mailing list