GitHub - vstinner/pysandbox: WARNING: pysandbox is BROKEN BY DESIGN, please move to a new sandboxing solution (run python in a sandbox, not the opposite!)

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING !!!
!!!                                                                 !!!
!!! pysandbox is BROKEN BY DESIGN, please move to a new sandboxing  !!!
!!! solution: run python in a sandbox, not the opposite!            !!!
!!!                                                                 !!!
!!! Learn more about pysandbox failure:                             !!!
!!! https://lwn.net/Articles/574215/                                !!!
!!!                                                                 !!!
!!! WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

On Linux, the SECCOMP security feature looks like a nice starting point for building a Python sandbox.
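As an added illustration of the "run python in a sandbox" direction (example code written for this page, not part of pysandbox or its API): the parent process starts a fresh, isolated interpreter for the untrusted code and lets the operating system enforce CPU, memory and file-size limits on it, instead of filtering the Python namespace from the inside. It assumes Linux and the standard library only; seccomp filters, user namespaces or a container would be the next layer and are not shown here.

```python
import resource
import subprocess
import sys

# Added example, not pysandbox code. Assumes Linux: rlimits are applied in
# the child between fork() and exec(), so the untrusted interpreter never
# runs without them. These are coarse limits and only a first layer.


def _limits(cpu_seconds, memory_bytes):
    """Return a preexec hook that applies rlimits in the child before exec."""
    def preexec():
        # CPU-time cap: SIGXCPU at the soft limit, SIGKILL one second later
        # at the hard limit if the child ignores or survives SIGXCPU.
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds + 1))
        # Address-space cap: oversized allocations fail with MemoryError.
        resource.setrlimit(resource.RLIMIT_AS, (memory_bytes, memory_bytes))
        # No file may grow: Python ignores SIGXFSZ, so write() fails with
        # EFBIG (OSError). A zero-byte file can still be created.
        resource.setrlimit(resource.RLIMIT_FSIZE, (0, 0))
    return preexec


def run_untrusted(source, cpu_seconds=1, memory_bytes=1024 * 1024 * 1024,
                  wall_timeout=10):
    """Run `source` in a separate isolated (-I) interpreter under rlimits.

    Returns (returncode, stdout, stderr). A negative returncode is the
    number of the signal that terminated the child. Code that sleeps
    instead of burning CPU is stopped by the wall-clock `timeout`, which
    raises subprocess.TimeoutExpired after killing the child.
    """
    proc = subprocess.run(
        [sys.executable, "-I", "-c", source],
        preexec_fn=_limits(cpu_seconds, memory_bytes),
        stdin=subprocess.DEVNULL,
        capture_output=True,
        text=True,
        timeout=wall_timeout,
    )
    return proc.returncode, proc.stdout, proc.stderr


if __name__ == "__main__":
    print(run_untrusted("print(sum(range(10)))"))    # (0, '45\n', '')
    print(run_untrusted("while True: pass"))          # killed by SIGXCPU (-24)
    print(run_untrusted("x = bytearray(4 * 10**9)"))  # MemoryError, rc 1
```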

Other sandboxing projects for Python:

The old README follows.


pysandbox is a Python sandbox. By default, untrusted code executed in the sandbox cannot modify the environment (write a file, use print, or import a module). But you can configure the sandbox to choose exactly which features are allowed or not, e.g. import the sys module and read the /etc/issue file.

Website: http://github.com/haypo/pysandbox/

Features

Blocked Python functionality (by default):

You can enable all of these features by setting the sandbox configuration.

By default, the untrusted code is executed in a subprocess with the following limits:

Protection of the namespace:

Limitations

pysandbox is a sandbox for the Python namespace, not a sandbox between Python and the operating system. It does not protect your system against Python security vulnerabilities, i.e. vulnerabilities in modules and functions available in your sandbox (depends on your sandbox configuration). By default, only a few functions are exposed to the sandbox namespace which limits the attack surface.

See the Lib/test/crashers/ directory in the CPython source code to see examples of known bugs crashing the CPython interpreter.

Configuration

Use the SandboxConfig class to configure your sandbox. Features are the simplest way to configure it.

Features

To enable a feature, use SandboxConfig('feature1', 'feature2', ...) or config.enable('feature'). Available features:

CPython restricted mode

WARNING: CPython restricted mode is unsafe because it is possible to execute arbitrary bytecode.

Use SandboxConfig(cpython_restricted=True) to enable CPython restricted mode. In this mode, reading a file and modifying a class are blocked. Some attributes are hidden (e.g. method.self), others are read only (e.g. func.doc).

CPython restricted mode is disabled by default. The restricted mode is incompatible with SandboxConfig's "traceback" feature and allowPath() method.

The restricted mode doesn't exist in Python 3 anymore; it was removed together with the bastion and rexec modules:

Disable subprocess

It is possible to run the untrusted code without a subprocess, using SandboxConfig(use_subprocess=False). This mode is less secure; the following protections are disabled:

Other options

Example

With call() method: ::

    from sandbox import Sandbox

    def func(a, b):
        return a + b

    # func runs inside the sandbox; its return value comes back to the caller
    sandbox = Sandbox()
    print sandbox.call(func, 1, 2)

With execute() method: ::

    from sandbox import Sandbox, SandboxConfig
    # the 'stdout' feature is needed, otherwise print is blocked
    sandbox = Sandbox(SandboxConfig('stdout'))
    sandbox.execute('print("Code executed in the sandbox")')

execute() with a local variable: ::

    from sandbox import Sandbox, SandboxConfig
    sandbox = Sandbox(SandboxConfig('stdout'))
    sandbox.execute('print(data)', locals={'data': [1, 2, 3]})    # ok
    sandbox.execute('data.append(4)', locals={'data': [1, 2, 3]}) # error

Objects passed in the globals/locals of .call() and in the arguments of .execute() are proxified: they are replaced by read-only views of the objects, which is why the print above succeeds while the append fails.

Status

pysandbox 1.5 is tested on Python 2.5 and 2.6 on Debian Sid.

See TODO file for the complete status.

See also

Python

Python-dev mailing list

Other