Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Sandboxing Java / Groovy / Freemarker Code - Preventing execution of specific methods

I'm developing a system that allows developers to upload custom groovy scripts and freemarker templates.

I can provide a certain level of security at a very high level with the default Java security infrastructure - i.e. prevent code from accessing the filesystem or network, however I have a need to restrict access to specific methods.

My plan was to modify the Groovy and Freemarker runtimes to read Annotations that would either whitelist or blacklist certain methods, however this would force me to maintain a forked version of their code, which is not desirable.

All I essentially need to be able to do is prevent the execution of specific methods when called from Groovy or Freemarker. I've considered a hack that would look at the call stack, but this would be a massive speed hit (and it quite messy).

Does anyone have any other ideas for implementing this?

like image 970
James Davies Avatar asked Apr 08 '09 04:04

James Davies


4 Answers

You can do it by subclassing the GroovyClassLoader and enforcing your constraints within an AST Visitor. THis post explains how to do it: http://hamletdarcy.blogspot.com/2009/01/groovy-compile-time-meta-magic.html

Also, the code referenced there is in the samples folder of Groovy 1.6 installer.

like image 150
Jen S. Avatar answered Nov 17 '22 13:11

Jen S.


You should have a look at the project groovy-sandbox from kohsuke. Have also a look to his blog post here on this topic and what is solution is addressing: sandboxing, but performance drawback.

like image 42
msauvee Avatar answered Nov 17 '22 12:11

msauvee


OSGi is great for this. You can partition your code into bundles and set exactly what each bundle exposes, and to what other bundles. Would that work for you?

like image 44
dj_segfault Avatar answered Nov 17 '22 12:11

dj_segfault


You might also consider the java-sandbox (http://blog.datenwerke.net/p/the-java-sandbox.html) a recently developed library that allows to securely execute untrusted code from within java.

Also see: http://blog.datenwerke.net/2013/06/sandboxing-groovy-with-java-sandbox.html

like image 1
Arno Mittelbach Avatar answered Nov 17 '22 12:11

Arno Mittelbach