Hi again, thanks for your clear response.<div><br></div><div>I was trying to do what you proposed but it is not working. I am receiving an exception:</div><div><br></div><div><i>Test method CadworX3WCFRestTest.IronPython.SafeScriptExecutionTest.writingAFileTest threw exception: System.Runtime.Serialization.SerializationException: Type is not resolved for member 'Microsoft.Scripting.Hosting.ScriptRuntimeSetup,Microsoft.Scripting, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'..<br>
</i><br></div><div>I tried to find a solution but I couldn't. This is the minimal code that I am running to get this exception (I have removed all the security stuff but apparently that does not resolve the problem):</div>
<div><br></div><div><div><i>AppDomain aSandboxedDomain = AppDomain.CreateDomain("Sandboxed Domain");</i></div><div><i><br></i></div><div><i>ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);</i></div><div>
<i>ScriptSource source = engine.CreateScriptSourceFromString(pythonScript);</i></div><div><i>SriptScope scope = engine.CreateScope();</i></div><div><i>source.Execute(scope);</i></div><div><br></div><div>The exception is thronged in this line: </div>
<div><i>ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);</i></div><div><br></div><div><br></div><div>Do you have any idea which could be the problem?</div><div><br></div><div>Thanks again,</div><div>Nicolas</div>
<div><br></div><div class="gmail_quote">On Mon, Nov 2, 2009 at 10:25 PM, Dino Viehland <span dir="ltr"><<a href="mailto:dinov@microsoft.com">dinov@microsoft.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Assuming the app domain is setup properly then there’s no way
for the Python code to elevate permissions (modulo CLR security bugs which are
few and far between). This is because IronPython its self is 100% security
transparent and does not affect any security decisions or assert any form of
trust – so it’s all up to the CLR to limit permissions. So for example while
you can access the file object, or import ctypes, or call various other Python
APIs which would require trust you’ll get a security exception from the CLR
when you don’t have permissions to do something.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">For more complex scenarios you might also have an object model
which you expose to the application and inject in via its scope. Once you’ve
done that you’ll want to make sure that the object model is also secure.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt">From:</span></b><span style="font-size:10.0pt">
<a href="mailto:users-bounces@lists.ironpython.com" target="_blank">users-bounces@lists.ironpython.com</a> [mailto:<a href="mailto:users-bounces@lists.ironpython.com" target="_blank">users-bounces@lists.ironpython.com</a>] <b>On
Behalf Of </b>Nicolás Buttarelli<br>
<b>Sent:</b> Monday, November 02, 2009 1:20 PM<br>
<b>To:</b> Discussion of IronPython<br>
<b>Subject:</b> Re: [IronPython] Safe execution of python scripts on my .net
application</span></p>
</div>
</div><div><div></div><div class="h5">
<p class="MsoNormal"> </p>
<p class="MsoNormal">Thanks for your response.</p>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">But what happens with the python code? Does not exist
a way to write some scripts that can do some damage to my app, the server,
the database, etc?</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">Thanks again,</p>
</div>
<div>
<p class="MsoNormal">Nicolas</p>
</div>
<div>
<p class="MsoNormal"> </p>
<div>
<p class="MsoNormal">On Mon, Nov 2, 2009 at 9:41 PM, Dino Viehland <<a href="mailto:dinov@microsoft.com" target="_blank">dinov@microsoft.com</a>> wrote:</p>
<div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">After creating your app domain you can
do:</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">ScriptEngine engine =
Python.CreateEngine(someAppDomain);</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">And then the rest of your code should
work as it’s written.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D"> </span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt">From:</span></b><span style="font-size:10.0pt"> <a href="mailto:users-bounces@lists.ironpython.com" target="_blank">users-bounces@lists.ironpython.com</a>
[mailto:<a href="mailto:users-bounces@lists.ironpython.com" target="_blank">users-bounces@lists.ironpython.com</a>]
<b>On Behalf Of </b>Nicolás Buttarelli<br>
<b>Sent:</b> Monday, November 02, 2009 12:39 PM<br>
<b>To:</b> <a href="mailto:users@lists.ironpython.com" target="_blank">users@lists.ironpython.com</a><br>
<b>Subject:</b> [IronPython] Safe execution of python scripts on my .net
application</span></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> </p>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Sorry, I don't know if my previous message have
arrived. So, here it is:</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<p class="MsoNormal"><span style="font-size:10.0pt">Hello all,</span></p>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">I am starting with python and I would like to add to
my web application some web services. This services will allow the different
clients of my application to execute some python scripts. </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">I would like to know if someone did this before and
how can I do this in a secure way. I mean, how can I do to restrict the
environment where the scripts will be executed. </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">In .net I can do this using the AppDoman and setting
the permission set.</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New";color:#333333">AppDomain.CreateDomain( </span><span style="font-size:10.0pt;font-family:"Courier New";color:blue">string</span><span style="font-size:10.0pt;font-family:"Courier New";color:#333333"> friendlyName,<br>
Evidence
securityInfo,<br>
AppDomainSetup
info,<br>
PermissionSet
grantSet,<br>
</span><span style="font-size:10.0pt;font-family:"Courier New";color:blue">params</span><span style="font-size:10.0pt;font-family:"Courier New";color:#333333"> StrongName[]
fullTrustAssemblies);</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Is there a way to do the same with my python
scripts? </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">I am running them using this:</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">ScriptEngine engine = Python.CreateEngine();</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">ScriptSource source =
engine.CreateScriptSourceFromString(scriptAsString);</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">ScriptScope scope = engine.CreateScope();</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">source.Execute(scope);</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Thanks in advance.</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Nicolas</span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.ironpython.com" target="_blank">Users@lists.ironpython.com</a><br>
<a href="http://lists.ironpython.com/listinfo.cgi/users-ironpython.com" target="_blank">http://lists.ironpython.com/listinfo.cgi/users-ironpython.com</a></p>
</div>
<p class="MsoNormal"> </p>
</div>
</div></div></div>
</div>
</div>
<br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.ironpython.com">Users@lists.ironpython.com</a><br>
<a href="http://lists.ironpython.com/listinfo.cgi/users-ironpython.com" target="_blank">http://lists.ironpython.com/listinfo.cgi/users-ironpython.com</a><br>
<br></blockquote></div><br></div>