From: Chris Angelico
To: python-list@python.org
Newsgroups: comp.lang.python
Date: Sat, 6 Oct 2012 17:19:20 +1000
Subject: Re: Executing untrusted scripts in a sandboxed environment
In-Reply-To: <4hrls608xbax633ej6s1n54j.1349475464556@email.android.com>

On Sat, Oct 6, 2012 at 8:22 AM, Robin Krahl wrote:
> Hi all,
>
> I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting.
>
> I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine in a sandboxed environment that has access to the Python modules and classes that I provide?

With extreme difficulty. A while back (couple years maybe? I don't remember), I ignored everyone's warnings and tried to make a sandboxed Python, embedded in a C++ application. It failed in sandboxing. With just some trivial tinkering using Python's introspection facilities, a couple of python-list people managed to read and write files, and other equally dangerous actions.

Shortly thereafter, we solved the problem completely... by switching to JavaScript.

Embedding CPython in an application simply doesn't afford sandboxing. To what extent do you actually need to run untrusted Python? Can you, for instance, sandbox the entire process (which wasn't an option for what we were doing)? Perhaps chrooting the Python interpreter will do what you need. But there may still be leaks, I don't know.

ChrisA
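The reply above recommends sandboxing the entire process rather than the interpreter. The launcher below is an added example illustrating that option; it is not code from Chris Angelico, Robin Krahl or the python-list thread. It runs the untrusted script in a fresh child interpreter with the host environment stripped, a throwaway working directory and POSIX resource limits (CPU seconds, a zero-byte file-size cap, an address-space cap); the function names, limit values and sample scripts are this example's own choices. As the thread notes, this is containment, not a complete boundary: the child can still see whatever its user account can, so in practice it belongs inside a chroot, container or seccomp profile and under an unprivileged user.

```python
"""Run an untrusted Python script in a separate, resource-limited process.

Added example (not the thread's own code): sandbox the whole process,
not the interpreter. Limit values and names are this example's choices.
"""
import subprocess
import sys
import tempfile

try:
    import resource          # POSIX only; absent on Windows
except ImportError:          # pragma: no cover
    resource = None


def limits_supported() -> bool:
    """True when OS resource limits can be applied on this platform."""
    return resource is not None


def _apply_limits() -> None:
    """Runs in the child between fork() and exec(), so the limits bind the
    new interpreter rather than the parent. (preexec_fn is unsafe in
    threaded programs; a production launcher would use a wrapper script.)"""
    # CPU seconds: at the soft limit the kernel sends SIGXCPU, which CPython
    # leaves at its default action (terminate); the hard limit is a SIGKILL
    # backstop.
    resource.setrlimit(resource.RLIMIT_CPU, (2, 3))
    # Largest file the child may write: 0 bytes. CPython ignores SIGXFSZ, so a
    # write to disk surfaces as OSError(EFBIG) inside the script instead.
    resource.setrlimit(resource.RLIMIT_FSIZE, (0, 0))
    # Address-space cap (1 GiB here) so a runaway allocation cannot exhaust
    # the host; the interpreter itself needs only tens of MiB to start.
    gib = 1024 ** 3
    resource.setrlimit(resource.RLIMIT_AS, (gib, gib))


def run_untrusted(source: str, wall_timeout: float = 5.0) -> dict:
    """Execute `source` in a fresh interpreter and classify the outcome.

    Interpreter flags:
      -I  isolated mode: ignore PYTHON* variables and the user site directory
      -S  do not import site (keeps site-packages off sys.path)
      -B  never write .pyc files
    Returns {"status": "ok" | "error" | "killed" | "timeout", ...}.
    """
    with tempfile.TemporaryDirectory() as scratch:      # throwaway cwd
        try:
            proc = subprocess.run(
                [sys.executable, "-I", "-S", "-B", "-c", source],
                cwd=scratch,
                env={},                       # inherit nothing from the host
                stdin=subprocess.DEVNULL,
                capture_output=True,
                text=True,
                timeout=wall_timeout,         # wall-clock backstop for sleeps / blocking I/O
                preexec_fn=_apply_limits if limits_supported() else None,
            )
        except subprocess.TimeoutExpired:
            return {"status": "timeout", "returncode": None, "stdout": "", "stderr": ""}

    rc = proc.returncode
    if rc == 0:
        status = "ok"
    elif rc < 0:
        status = "killed"       # died from a signal, e.g. SIGXCPU from the CPU limit
    else:
        status = "error"        # the script raised or exited non-zero
    return {"status": status, "returncode": rc, "stdout": proc.stdout, "stderr": proc.stderr}


if __name__ == "__main__":
    # Constructed sample scripts: one benign, one that tries to write to disk,
    # one that never terminates.
    for label, src in [
        ("benign", "print(sum(range(10)))"),
        ("writes a file", "with open('out.txt', 'w') as f:\n    f.write('x' * 10)"),
        ("spins forever", "while True: pass"),
    ]:
        result = run_untrusted(src)
        print(f"{label:14s} -> {result['status']} (rc={result['returncode']})")
```

The three classifications are what a host application would act on: "ok" output is returned to the caller, "error" is shown to the script author, and "killed" or "timeout" is logged as a resource-limit hit. Note that the CPU limit does nothing against a script that merely sleeps or blocks on I/O, which is why the wall-clock `timeout` is kept as well.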