Disabling std. and file I/O in Python sandbox implementation

2024/11/13 0:09:17

I'm trying to set up a Python sandbox and want to forbid access to standard and file I/O. I am running the sandbox inside of a running Python server.

I've already looked at modules like RestrictedPython and PyPy; however, I want to be able to compile the sandbox code inside of my running Python server, not through an external process.

Are there any alternative ways to prevent access to commands like print, raw_input, or open? Could the aforementioned modules be used in a way where sandbox code is compiled in a running Python program?

At worst, how would you prevent access to raw_input?

EDIT: According to this tutorial on safely evaluating Python code, would it be possible to pass in a manipulated builtins module?

Answer

The rough consensus on this is that the complexity and introspection abilities of CPython make for unreliable attempts of blacklisting parts of the interpreter. I believe one of the major attempts was tav's safelite. It's also not that hard to cause CPython to crash, which opens another path to be exploited from running arbitrary code. Avoiding resource exhaustion or CPU-use DoS from arbitrary code is probably impossible to do in-process (you'd need a watchdog, system limits, etc.).

Something crucial for people wanting to have sandboxed code execution in Python is to avoid rolling your own (or simply modifying sys, __builtins__): it's very easy to convince yourself it's rock solid and yet miss some obvious workaround that bypasses your protection. Keep in mind Python used to include a module that offered this kind of protection and even that had glaring issues that allowed to escape its restrictions. IIRC, it was vulnerable to fishing non-restricted objects (via introspection) into the restricted environment.

That said, pysandbox is written by a core Python developer who believes it to be safe when restricting e.g. IO (and it incorporates a lot of previous research) and can run in-process like you want (albeit with a few less features, like DoS protections from CPU and memory use).

https://en.xdnf.cn/q/72193.html

Related Q&A

Extract edge and communities from list of nodes

I have dataset which has more than 50k nodes and I am trying to extract possible edges and communities from them. I did try using some graph tools like gephi, cytoscape, socnet, nodexl and so on to v…

Why is this usage of python F-string interpolation wrapping with quotes?

Code in question:a = test# 1) print(f{a}) # test# 2) print(f{ {a} }) # {test}# 3) print(f{{ {a} }}) # {test}My question is, why does case two print those quotes?I didnt find anything explicitly in the…

Adding a matplotlib colorbar from a PatchCollection

Im converting a Shapely MultiPolygon to a PatchCollection, and first colouring each Polygon like so:# ldn_mp is a MultiPolygon cm = plt.get_cmap(RdBu) num_colours = len(ldn_mp)fig = plt.figure() ax = f…

Mac 10.6 Universal Binary scipy: cephes/specfun _aswfa_ symbol not found

I cant get scipy to function in 32 bit mode when compiled as a i386/x86_64 universal binary, and executed on my 64 bit 10.6.2 MacPro1,1.My python setupWith the help of this answer, I built a 32/64 bit …

python: numpy list to array and vstack

from scipy.io.wavfile import read filepath = glob.glob(*.wav) rates = [] datas = [] for fp in filepath:rate, data = read(fp)rates.append(rate)datas.append(data)I get a list datas which is :[array([0, 0…

Django Unittests Client Login: fails in test suite, but not in Shell

Im running a basic test of my home view. While logging the client in from the shell works, the same line of code fails to log the client in when using the test suite.What is the correct way to log the …

Icon overlay issue with Python

I found some examples and topics on this forum about the way to implement an icon overlay handler with Python 2.7 & the win32com package but it does not work for me and I dont understand why. I cre…

Comparing NumPy object references

I want to understand the NumPy behavior.When I try to get the reference of an inner array of a NumPy array, and then compare it to the object itself, I get as returned value False.Here is the example:I…

Does using django querysets in templates hit the database?

Do template value tags force django to hit the database when called against a non-context value? For example:{{ request.user.username }} Is the call to show the currently logged in users username. H…

how to randomly sample in 2D matrix in numpy

I have a 2d array/matrix like this, how would I randomly pick the value from this 2D matrix, for example getting value like [-62, 29.23]. I looked at the numpy.choice but it is built for 1d array.The f…