tags:

views:

381

answers:

3
+3  Q: 

Is there an alternative to rexec for Python sandboxing?

Implementing a 'sandbox' environment in Python used to be done with the rexec module (http://docs.python.org/library/rexec.html). Unfortunately, it has been deprecated/removed due to some security vulnerabilities. Is there an alternative?

My goal is to have Python code execute semi-trusted Python scripts. In a perfect world, calls to any functions outside of a pre-defined set would raise exceptions. From what I've read about rexec's deprecation, this may not be possible. So I'll settle for as much as I can get. I can spawn a separate process to run the scripts, which helps a lot. But they could still abuse I/O or processor/memory resources.

+3  A: 

You might want to provide your own __import__ to prevent inclusion of any modules you deem "abuse I/O or processor/memory resources."

You might want to start with pypy and create your own interpreter with limitations and constraints on resource use.

S.Lott  2009-02-08 03:18:33
Providing your own __import__ is a great idea, and is far better than any other solution ever done for sandboxing!
kylebrooks  2009-02-09 00:51:03
@kylebrooks: "far better than any other solution" is a bit string. It lets you whitelist (and blacklist) modules, but it doesn't prevent or even detect a process that attempts to "abuse I/O or processor/memory resources."
S.Lott  2009-02-10 02:59:23
+1  A: 

in cpython "sandboxing" for security reasons is a: "don't do that at your company kids"-thing.

try :

  • jython with java "sandboxing"
  • pypy -> see Answer S.Lott
  • maybe ironpython has a solution ?

see Warning:

Warning

In Python 2.3 these modules have been disabled due to various known and not readily fixable security holes. The modules are still documented here to help in reading old code that uses the rexec and Bastion modules.

Blauohr  2009-02-08 09:51:57
+1  A: 

There is a paper on this : http://people.cs.ubc.ca/~drifty/papers/python_security.pdf

Kevin  2009-09-13 01:55:40

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security