
On Thu, 2 Mar 2023 at 06:30, Lucas Wiman <lucas.wiman@gmail.com> wrote:
> One way this could be implemented is by providing some primitives for sandboxing subprocesses. E.g. in the requirements file add an optional section for sandbox directives that will cause the import to be executed in a subprocess with a restricted set of OS-level permissions (e.g. no writing to the filesystem other than a particular socket for communicating with the parent process).
That wouldn't be an import, though. It would be a subprocess. Trying to make it work transparently would be basically impossible, and if programmers are going to have to be aware that it's a subprocess, may as well treat it as one rather than trying to fake it as an import.
> An incremental and independently useful place to start on that might be adding sandboxing primitives to the subprocess and/or multiprocessing module. I have tried to do this manually on a Linux web service using calls to ImageMagick and didn't see a way to do it aside from calling a `docker run` command. Is there a cross-platform way of doing this? I did a bit of googling and found some "experimental" libraries for the purpose, though nothing that wanted to call itself production-ready. (Gaol https://github.com/servo/gaol and Boxfort https://github.com/Snaipe/BoxFort) Presumably web browsers like Chrome have some prior art as well.
Adding sandboxing primitives would be good for the subprocess module, definitely. That way they're not tied to running other Python packages, so you can restrict any subprocess at all (as in your example of ImageMagick).

ChrisA
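As an added example (mine, not code from either message or from CPython), this is roughly what the primitives discussed above look like with the subprocess module as it exists today on POSIX: resource limits installed in the child via preexec_fn, and a socketpair as the only channel back to the parent, as in the original sketch. The child program, the limit values and the demo() helper are constructed for this example; Windows has no equivalent of these calls, which is the cross-platform gap the question raises.

```python
import os
import resource
import socket
import subprocess
import sys
import tempfile

# Constructed child program (example, not from the thread): tries to write a file, reports over the socket.
CHILD_CODE = r"""
import errno, os, socket, sys
sock = socket.socket(fileno=int(sys.argv[1]))
try:
    os.write(os.open(sys.argv[2], os.O_WRONLY | os.O_CREAT, 0o600), b"never reaches the disk")
    sock.sendall(b"write-ok")
except OSError as e:
    sock.sendall(b"write-blocked:" + errno.errorcode.get(e.errno, "?").encode())
"""

# Soft = hard limit per resource: no file growth, 5 CPU seconds, 1 GiB of address space.
LIMITS = {resource.RLIMIT_FSIZE: 0, resource.RLIMIT_CPU: 5, resource.RLIMIT_AS: 1024 ** 3}

def apply_limits():
    """Runs in the child between fork() and exec(); the limits survive the exec."""
    for lim, value in LIMITS.items():
        _, hard = resource.getrlimit(lim)
        if hard != resource.RLIM_INFINITY:  # never try to raise an existing hard limit
            value = min(value, hard)
        resource.setrlimit(lim, (value, value))

def run_sandboxed(child_code, args, timeout=30):
    """Run child_code in a limited Python subprocess; return (exit code, text it sent back)."""
    parent_sock, child_sock = socket.socketpair()
    proc = subprocess.Popen(
        [sys.executable, "-c", child_code, str(child_sock.fileno()), *args],
        pass_fds=(child_sock.fileno(),),  # the only fd handed over; close_fds drops the rest
        preexec_fn=apply_limits, stdin=subprocess.DEVNULL)
    child_sock.close()  # keep only the parent end, so recv() sees EOF once the child exits
    received = b""
    while chunk := parent_sock.recv(4096):
        received += chunk
    parent_sock.close()
    return proc.wait(timeout=timeout), received.decode()

def demo():
    """Ask the child to write into a fresh temp dir and report what happened."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "out.txt")
        rc, msg = run_sandboxed(CHILD_CODE, [path])
        return {"exit_code": rc, "message": msg, "bytes_on_disk": os.path.getsize(path)}
```

Creating the empty file still succeeds (RLIMIT_FSIZE only stops a file from growing), which is why a real sandbox layer needs filesystem namespacing or seccomp on top of rlimits, not rlimits alone.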