[soc2008-general] Sandboxing the tinypy interpreter

Denis Kasak denis.kasak at gmail.com
Fri Apr 4 11:09:16 CEST 2008


Hello,

My name is Denis Kasak and I'm an undergraduate at the Faculty of
Electrical Engineering in Osijek, Croatia. I'm interested in
implementing a sandbox model for the tinypy interpreter for safe
execution of arbitrary code. I've already submitted my application at
the GSoC site and now I'm looking for further suggestions and
comments. I'm very excited about this project because I've wanted to
get involved with Python development for some time but never got
around to it. This makes for an excellent opportunity to start working on
Python and Python-related projects. I'm hoping to work with you all
during (and after) the summer. :-)

Here's the abstract:

tinypy is a minimalistic Python subset implementation. Its small size
makes it suitable for embedding in all kinds of restricted
environments. By enabling a sandbox mode which would restrict the
available resources of the interpreter and protect the
interpreter/VM itself from malicious changes, it could be used for
running potentially unsafe code in an isolated environment. This
project aims at implementing various resource restrictions and
replacing/rewriting functions which could be used in an unsafe manner.
The code would also be examined for potential security holes and
vulnerabilities. These changes would enable tinypy to safely run any
arbitrary Python code. This would also improve tinypy's usefulness in
embedded environments (which often have very limited resources) as it
would remove the possibility of various Denial-of-Service attacks. The
project would make extensive use of test-driven development and unit
testing to minimize new bugs and security holes, and also to expose
already existing ones. Also, during the course of the project,
relevant documentation would be improved to enable future developers
to easily extend the sandbox. The secondary goal would be to implement
a basic proof-of-concept CPython API to tinypy. This would enable
Python programmers to input tinypy as a module, spawn instances of the
tinypy interpreter and pass it arbitrary code for execution. The data
could then be fetched back to CPython via some secure interface.
Finally, the project would follow strongly the requirement of
retaining the small size and speed of the interpreter.

-- 
Denis Kasak

