[IronPython] Safe execution of python scripts on my .net application

Shri Borde Shri.Borde at microsoft.com
Tue Nov 3 21:29:35 CET 2009 

I think this happens if the new appdomain cannot load the required assembly. By default, the new appdomain should inherit its BaseDirectory property from the creating domain and should be able to load Microsoft.Scripting.dll. Is your exe and all the dlls in the same folder? If not, can you try to put all assemblies in the same folder (or in the GAC) to see if it works? If that works, you can then figure out how to configure the new appdomain such that it can load Microsoft.Scripting.dll. There may be some setting in AppDomainSetup, or you could hook the AssemblyResolve event...

From: users-bounces at lists.ironpython.com [mailto:users-bounces at lists.ironpython.com] On Behalf Of Nicolás Buttarelli
Sent: Tuesday, November 03, 2009 12:08 PM
To: Discussion of IronPython
Subject: Re: [IronPython] Safe execution of python scripts on my .net application

Hi again, thanks for your clear response.

I was trying to do what you proposed but it is not working. I am receiving an exception:

Test method CadworX3WCFRestTest.IronPython.SafeScriptExecutionTest.writingAFileTest threw exception:  System.Runtime.Serialization.SerializationException: Type is not resolved for member 'Microsoft.Scripting.Hosting.ScriptRuntimeSetup,Microsoft.Scripting, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'..
I tried to find a solution but I couldn't. This is the minimal code that I am running to get this exception (I have removed all the security stuff but apparently that does not resolve the problem):

AppDomain aSandboxedDomain = AppDomain.CreateDomain("Sandboxed Domain");

ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);
ScriptSource source = engine.CreateScriptSourceFromString(pythonScript);
SriptScope scope = engine.CreateScope();
source.Execute(scope);

The exception is thronged in this line:
ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);


Do you have any idea which could be the problem?

Thanks again,
Nicolas

On Mon, Nov 2, 2009 at 10:25 PM, Dino Viehland <dinov at microsoft.com<mailto:dinov at microsoft.com>> wrote:
Assuming the app domain is setup properly then there's no way for the Python code to elevate permissions (modulo CLR security bugs which are few and far between).  This is because IronPython its self is 100% security transparent and does not affect any security decisions or assert any form of trust - so it's all up to the CLR to limit permissions.  So for example while you can access the file object, or import ctypes, or call various other Python APIs which would require trust you'll get a security exception from the CLR when you don't have permissions to do something.

For more complex scenarios you might also have an object model which you expose to the application and inject in via its scope.  Once you've done that you'll want to make sure that the object model is also secure.


From: users-bounces at lists.ironpython.com<mailto:users-bounces at lists.ironpython.com> [mailto:users-bounces at lists.ironpython.com<mailto:users-bounces at lists.ironpython.com>] On Behalf Of Nicolás Buttarelli
Sent: Monday, November 02, 2009 1:20 PM
To: Discussion of IronPython
Subject: Re: [IronPython] Safe execution of python scripts on my .net application

Thanks for your response.

But what happens with the python code? Does not exist a way to write some scripts that can do some damage to my app, the server, the database, etc?

Thanks again,
Nicolas

On Mon, Nov 2, 2009 at 9:41 PM, Dino Viehland <dinov at microsoft.com<mailto:dinov at microsoft.com>> wrote:
After creating your app domain you can do:

ScriptEngine engine = Python.CreateEngine(someAppDomain);

And then the rest of your code should work as it's written.


From: users-bounces at lists.ironpython.com<mailto:users-bounces at lists.ironpython.com> [mailto:users-bounces at lists.ironpython.com<mailto:users-bounces at lists.ironpython.com>] On Behalf Of Nicolás Buttarelli
Sent: Monday, November 02, 2009 12:39 PM
To: users at lists.ironpython.com<mailto:users at lists.ironpython.com>
Subject: [IronPython] Safe execution of python scripts on my .net application

Sorry, I don't know if my previous message have arrived. So, here it is:


Hello all,

I am starting with python and I would like to add to my web application some web services. This services will allow the different clients of my application to execute some python scripts.

I would like to know if someone did this before and how can I do this in a secure way. I mean, how can I do to restrict the environment where the scripts will be executed.

In .net I can do this using the AppDoman and setting the permission set.

AppDomain.CreateDomain( string friendlyName,
                        Evidence securityInfo,
                        AppDomainSetup info,
                        PermissionSet grantSet,
                        params StrongName[] fullTrustAssemblies);


Is there a way to do the same with my python scripts?

I am running them using this:

ScriptEngine engine = Python.CreateEngine();
ScriptSource source = engine.CreateScriptSourceFromString(scriptAsString);
ScriptScope scope = engine.CreateScope();
source.Execute(scope);

Thanks in advance.
Nicolas

_______________________________________________
Users mailing list
Users at lists.ironpython.com<mailto:Users at lists.ironpython.com>
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com


_______________________________________________
Users mailing list
Users at lists.ironpython.com<mailto:Users at lists.ironpython.com>
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ironpython-users/attachments/20091103/6e48a5cf/attachment.html>

More information about the Ironpython-users mailing list