Challenge: escape from the pysandbox
Hi,
pysandbox is a new Python sandbox project under development. By default,
untrusted code executed in the sandbox cannot modify the environment (write a
file, use print or import a module). But you can configure the sandbox to
choose exactly which features are allowed or not, eg. import sys module and
read the file /etc/issue.
Website: http://github.com/haypo/pysandbox/
Download the repository using git:
git clone git://github.com/haypo/pysandbox.git
or
git clone http://github.com/haypo/pysandbox.git
Or download the .zip or .tar.gz tarball using the "Download source" button on
the website.
I think that the project reached the "testable" stage. I launch a new
challenge: try to escape from the sandbox. I'm unable to write strict rules.
The goal is to access objects outside the sandbox. Eg. write into a file,
import a module which is not in the whitelist, modify an object outside the
sandbox, etc.
To test the sandbox, you have 3 choices:
- interpreter.py: interactive interpreter executed in the sandbox, use:
--verbose to display the whole sandbox configuration,
--features=help to enable help() function,
--features=regex to enable regex,
--help to display the help.
- execfile.py
participants (1)
-
Victor Stinner