Is there an alternative to rexec for Python sandboxing?
https://stackoverflow.com/questions/525056
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Implementing a 'sandbox' environment in Python used to be done with the rexec module (http://docs.python.org/library/rexec.html). Unfortunately, it has been deprecated/removed due to some security vulnerabilities. Is there an alternative?
My goal is to have Python code execute semi-trusted Python scripts. In a perfect world, calls to any functions outside of a pre-defined set would raise exceptions. From what I've read about rexec's deprecation, this may not be possible. So I'll settle for as much as I can get. I can spawn a separate process to run the scripts, which helps a lot. But they could still abuse I/O or processor/memory resources.
Solution
You might want to provide your own __import__ to prevent inclusion of any modules you deem "abuse I/O or processor/memory resources."
You might want to start with pypy and create your own interpreter with limitations and constraints on resource use.
OTHER TIPS
in cpython "sandboxing" for security reasons is a: "don't do that at your company kids"-thing.
try :
- jython with java "sandboxing"
- pypy -> see Answer S.Lott
- maybe ironpython has a solution ?
see Warning:
Warning
In Python 2.3 these modules have been disabled due to various known and not readily fixable security holes. The modules are still documented here to help in reading old code that uses the rexec and Bastion modules.
Your best bet for security in cPython is using OS-level sandboxing mechanisms and running untrusted code in a separate process constrained by the OS.
This is equivalent to using 'jython with java "sandboxing"', as per the answer above, but probably a little more difficult to configure.
