Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

run untrusted python code that is able to communicate with main program but isolated from the system

Prologue: I know that many people already tried to sandbox Python code within Python and failed, but I haven't seen the approach to additionally preprocess the scripts as text and reject scripts containing keywords like __base__ that could be used to recover hidden __buuiltins__. I think this approach is new and hasn't been proofed to fail yet - has it?

I plan to write a multiplayer strategy game where players may not normally interact with their units using keyboard/mouse commands, but only through scripts they have to submit to change the units' automatic behaviour. This is based on the idea of http://screeps.com.

I would love to write that in Python 3, but the main problem seems to be the secure execution of untrusted foreign player scripts on the server. I know that I may not trust exec() or eval(), even when passing them empty globals and locals as environment. I also know that simply erasing __builtins__ also does not work because one can still easily restore them using Python's introspection capabilities as described here: http://nedbatchelder.com/blog/201302/finding_python_3_builtins.html

I already learned that PyPy or Jython might have some kind of sandboxing feature that would probably work for my purpose, but I would somehow prefer to stay with the CPython reference interpreter. Also, I could only find examples where those sandboxing features work for entire programs, but none that consists of a main program running untrusted scripts as child threads and communicating with them efficiently.


But I think I have one more chance: I can preprocess the submitted scripts literally and search for strings like __class__ or __base__ and reject scripts containing those keywords. I would also have to replace eval() and exec() in the script with my own, secured functions that also reject to run code containing those keywords.

Would this approach, together with overwriting all potentially dangerous items (which ones would that be?) using a custom globals argument for exec() be secure? Which keywords would I have to look for?

If not, why would that fail? Can you suggest a better solution?

like image 524
Byte Commander Avatar asked Feb 29 '16 12:02

Byte Commander


People also ask

Which tools allow you to interpret and run a Python program?

Running Python Scripts using an IDE or a Text Editor You can use other IDEs like Spyder, PyCharm, Eclipse, and Jupyter Notebook which also allow you to run your scripts inside its environment. You can also use popular text editors like Sublime and Atom to run Python script.

What are the 2 ways to execute Python program?

It can run a Python code in two ways: As a Script or Module. As a piece of code written in an interactive session.

What is a Python sandbox?

The Python-based sandbox is a Python package that is imported as any other Python package. Included in the Python package are tools that provide a means for passing Bulk Input/Output (BulkIO) data to and from components or devices.

How do I run a Python script from a program?

To run Python scripts with the python command, you need to open a command-line and type in the word python , or python3 if you have both versions, followed by the path to your script, just like this: $ python3 hello.py Hello World! If everything works okay, after you press Enter , you'll see the phrase Hello World!


1 Answers

I'm not sure that this is a good idea. There are possibilities using pypy, or even a dedicate project python sandbox that has already dealt with much of system isolation. But the former needs a good deal of work to build a secure environment, and the latter does not directly support Python 3.x

But the author of pysandbox has stopped development since 2013, because he declared in its github site

pysandbox is BROKEN BY DESIGN, please move to a new sandboxing solution (run python in a sandbox, not the opposite!) https://lwn.net/Articles/574215/*

If you can accept a limited syntax, it would certainly much much more secure to define a dedicated grammar and build a custom interpretor with PythonLexYacc.

I must admit this is more hints than a full answer, but it is the best I can do now (and python sandbox was not referenced of that former SO question

like image 178
Serge Ballesta Avatar answered Oct 12 '22 14:10

Serge Ballesta