Path: csiph.com!usenet.pasdenom.info!weretis.net!feeder4.news.weretis.net!rt.uk.eu.org!newsfeed.xs4all.nl!newsfeed3.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <nedbat@gmail.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.016
X-Spam-Evidence: '*H*': 0.97; '*S*': 0.00; 'subject:Python': 0.06; '21,': 0.07; 'suppose': 0.07; '#include': 0.09; 'finished.': 0.09; 'skip:/ 10': 0.09; 'url:github': 0.09; 'cc:addr:python-list': 0.11; 'python': 0.11; 'wrote': 0.14; '/**': 0.16; 'btw:': 0.16; 'code?': 0.16; 'edward': 0.16; 'edx,': 0.16; 'limit.': 0.16; 'open-source,': 0.16; 'tokenize': 0.16; 'url:faq': 0.16; 'sat,': 0.16; 'student': 0.16; 'sender:addr:gmail.com': 0.17; 'thanks,': 0.17; 'wrote:': 0.18; '(not': 0.18; '(but': 0.19; "hasn't": 0.19; 'seems': 0.21; '>>>': 0.22; 'separate': 0.22; 'tests': 0.22; 'cc:addr:python.org': 0.22; 'header:User-Agent:1': 0.23; 'questions:': 0.24; 'sends': 0.24; '(or': 0.24; 'cc:2**0': 0.24; 'script': 0.25; 'post': 0.26; 'header:In-Reply-To:1': 0.27; 'am,': 0.29; "doesn't": 0.30; 'url:mailman': 0.30; 'code': 0.31; 'comments': 0.31; 'lines': 0.31; 'that.': 0.31; 'too.': 0.31; '>>>>': 0.31; 'challenges.': 0.31; 'disable': 0.31; 'restricted': 0.31; 'sep': 0.31; 'subject:programs': 0.31; 'writes:': 0.31; 'run': 0.32; 'url:python': 0.33; 'fri,': 0.33; '"the': 0.34; 'could': 0.34; 'beyond': 0.35; 'requirement': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'add': 0.35; 'there': 0.35; 'like,': 0.36; 'done': 0.36; 'url:listinfo': 0.36; 'similar': 0.36; 'url:org': 0.36; 'should': 0.36; 'seconds': 0.37; 'unit': 0.37; 'easily': 0.37; 'problems': 0.38; 'process,': 0.38; 'security,': 0.38; 'writes': 0.38; 'pm,': 0.38; 'resource': 0.38; 'anything': 0.39; 'itself': 0.39; 'use.': 0.39; 'sure': 0.39; 'url:mail': 0.40; 'how': 0.40; 'skip:u 10': 0.60; 'access,': 0.60; 'subject:online': 0.61; 'profile': 0.61; 'john': 0.61; 'simple': 0.61; "you're": 0.61; 'account': 0.65; 'to:addr:gmail.com': 0.65; 'series': 0.66; 'here': 0.66; '20,': 0.68; 'judge': 0.68; 'limit': 0.70; 'programs,': 0.74; 'batchelder': 0.84; 'directories:': 0.84; 'email addr:panix.com': 0.84; 'malicious': 0.84; 'skip:/ 30': 0.84; 'bears': 0.91; 'profile.': 0.91; 'url:latest': 0.91; '2013': 0.98
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=yTaz+q3INE540pCKBrfXLgQ42hefsNVINQyIMTBwJoI=; b=Aym8RlbFW/Zpm8ctTKox5oQo8+5SMaakwkK0T3NKwHkqJYq1SFWSnO8rOXQmcHlAp9 7b98bsLsSBy3YH2SkraBqqeRMOwjkIMHB/J3rixAEVEqQV+poj72FhjJEw9pQZFQU1nR CplOAGMc8J8i6uhJbzpkw7hhclgEcj9HjYsN4FRQxlRQY3U0w/ssN/pbFQ8Mrimx2a5v vPFmKEsrrf1kiI80e0ACWpIZv9UWnFo/pjTQZCPCdhupmNM3qJm9oTyxQdv5nYe9FM++ d9KRc0Fgi0N+CFECA/OdfSzZ2Dj17qSMpxN69IKmTvTvdjWuXiIufPXitFm/X4spOtNM GNwQ==
X-Received: by 10.236.181.194 with SMTP id l42mr13890205yhm.26.1379795349983; Sat, 21 Sep 2013 13:29:09 -0700 (PDT)
Sender: Ned Batchelder <nedbat@gmail.com>
Date: Sat, 21 Sep 2013 16:29:08 -0400
From: Ned Batchelder <ned@nedbatchelder.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: Jabba Laci <jabba.laci@gmail.com>
Subject: Re: building an online judge to evaluate Python programs
References: <mailman.195.1379698177.18130.python-list@python.org> <l1i9vm$6l0$1@reader1.panix.com> <CAOuJsMnx8MGTJ=f7D=cj09mGiQq8j_DzXq4vEzHwX34pdx630Q@mail.gmail.com> <523CD032.6000205@nedbatchelder.com> <CAOuJsMmmua252QNL9AoJ7RaOm8i9-x_W+gYMhckjsFxzfwZP3A@mail.gmail.com>
In-Reply-To: <CAOuJsMmmua252QNL9AoJ7RaOm8i9-x_W+gYMhckjsFxzfwZP3A@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Python mailing list <python-list@python.org>
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.233.1379795791.18130.python-list@python.org>
Lines: 80
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1379795791 news.xs4all.nl 15926 [2001:888:2000:d::a6]:53510
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:54564

On 9/21/13 3:57 PM, Jabba Laci wrote:
> Hi Ned,
>
> Could you please post here your AppArmor profile for restricted Python scripts?
Laszlo, the instructions are in the README, including the AppArmor 
profile.  It isn't much:

#include <tunables/global>

<SANDENV>/bin/python {
     #include <abstractions/base>
     #include <abstractions/python>

     <SANDENV>/** mr,
     # If you have code that the sandbox must be able to access, add lines
     # pointing to those directories:
     /the/path/to/your/sandbox-packages/** r,

     /tmp/codejail-*/ rix,
     /tmp/codejail-*/** rix,
}

Note that there are other protections beyond AppArmor, setrlimits is also used to limit some resource use.

--Ned.

BTW: Top-posting makes it harder to follow threads of conversations, better form is to add your comments below the person you're replying to.

> Thanks,
>
> Laszlo
>
> On Sat, Sep 21, 2013 at 12:46 AM, Ned Batchelder <ned@nedbatchelder.com> wrote:
>> On 9/20/13 6:26 PM, Jabba Laci wrote:
>>> I just found Docker ( http://docs.docker.io/en/latest/faq/ ). It seems
>>> sandboxing could be done with this easily.
>>
>> At edX, I wrote CodeJail (https://github.com/edx/codejail) to use AppArmor
>> to run Python securely.
>>
>> For grading Python programs, we use a unit-test like series of challenges.
>> The student writes problems as functions (or classes), and we execute them
>> with unit tests (not literally unittest, but a similar idea).  We also
>> tokenize the code to check for simple things like, did you use a while loop
>> when the requirement was to write a recursive function.  The grading code is
>> not open-source, unfortunately, because it is part of the MIT courseware.
>>
>> --Ned.
>>
>>> Laszlo
>>>
>>> On Fri, Sep 20, 2013 at 10:08 PM, John Gordon <gordon@panix.com> wrote:
>>>> In <mailman.195.1379698177.18130.python-list@python.org> Jabba Laci
>>>> <jabba.laci@gmail.com> writes:
>>>>
>>>>> There are several questions:
>>>>> * What is someone sends an infinite loop? There should be a time limit.
>>>> You could run the judge as a background process, and kill it after ten
>>>> seconds if it hasn't finished.
>>>>
>>>>> * What is someone sends a malicious code? The script should be run in a
>>>>> sandbox.
>>>> You could run the judge from its own account that doesn't have access to
>>>> anything else.  For extra security, make the judge program itself owned
>>>> by
>>>> a separate account (but readable/executable by the judge account.)
>>>>
>>>> I suppose you'd have to disable mail access from the judge account too.
>>>> Not sure how to easily do that.
>>>>
>>>> --
>>>> John Gordon                   A is for Amy, who fell down the stairs
>>>> gordon@panix.com              B is for Basil, assaulted by bears
>>>>                                   -- Edward Gorey, "The Gashlycrumb
>>>> Tinies"
>>>>
>>>> --
>>>> https://mail.python.org/mailman/listinfo/python-list
>>