[IronPython] Safe execution of python scripts on my .net application

Nicolás Buttarelli nbuttarelli at gmail.com
Tue Nov 3 22:29:46 CET 2009


I have create a new "Test Project" and an Unit Test class in order to test
the following code inside:

AppDomain aSandboxedDomain = AppDomain.CreateDomain("Sandboxed Domain");
ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);
ScriptSource source = engine.CreateScriptSourceFromString(pythonScript);
ScriptScope scope = engine.CreateScope();
source.Execute(scope);


I have add the references:

- IronPython
- Microsoft.Scripting
- Microsoft.ScriptingCore

But it still not working and throwing the
same System.Runtime.Serialization.SerializationException: Type is not
resolved for member
'Microsoft.Scripting.Hosting.ScriptRuntimeSetup,Microsoft.Scripting.

Any ideas?


2009/11/3 Nicolás Buttarelli <nbuttarelli at gmail.com>

> Thanks Shri, I will try.
>
> In addition, I found this open issue:
> http://dlr.codeplex.com/WorkItem/View.aspx?WorkItemId=2816. I think that
> it is related.
>
>
> On Tue, Nov 3, 2009 at 9:29 PM, Shri Borde <Shri.Borde at microsoft.com>wrote:
>
>>  I think this happens if the new appdomain cannot load the required
>> assembly. By default, the new appdomain should inherit its BaseDirectory
>> property from the creating domain and should be able to load
>> Microsoft.Scripting.dll. Is your exe and all the dlls in the same folder? If
>> not, can you try to put all assemblies in the same folder (or in the GAC) to
>> see if it works? If that works, you can then figure out how to configure the
>> new appdomain such that it can load Microsoft.Scripting.dll. There may be
>> some setting in AppDomainSetup, or you could hook the AssemblyResolve event…
>>
>>
>>
>> *From:* users-bounces at lists.ironpython.com [mailto:
>> users-bounces at lists.ironpython.com] *On Behalf Of *Nicolás Buttarelli
>> *Sent:* Tuesday, November 03, 2009 12:08 PM
>>
>> *To:* Discussion of IronPython
>> *Subject:* Re: [IronPython] Safe execution of python scripts on my .net
>> application
>>
>>
>>
>> Hi again, thanks for your clear response.
>>
>>
>>
>> I was trying to do what you proposed but it is not working. I am receiving
>> an exception:
>>
>>
>>
>> *Test method
>> CadworX3WCFRestTest.IronPython.SafeScriptExecutionTest.writingAFileTest
>> threw exception:  System.Runtime.Serialization.SerializationException: Type
>> is not resolved for member
>> 'Microsoft.Scripting.Hosting.ScriptRuntimeSetup,Microsoft.Scripting,
>> Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'..*
>>
>> I tried to find a solution but I couldn't. This is the minimal code that I
>> am running to get this exception (I have removed all the security stuff but
>> apparently that does not resolve the problem):
>>
>>
>>
>> *AppDomain aSandboxedDomain = AppDomain.CreateDomain("Sandboxed Domain");
>> *
>>
>>
>>
>> *ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);*
>>
>> *ScriptSource source = engine.CreateScriptSourceFromString(pythonScript);
>> *
>>
>> *SriptScope scope = engine.CreateScope();*
>>
>> *source.Execute(scope);*
>>
>>
>>
>> The exception is thronged in this line:
>>
>> *ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);*
>>
>>
>>
>>
>>
>> Do you have any idea which could be the problem?
>>
>>
>>
>> Thanks again,
>>
>> Nicolas
>>
>>
>>
>> On Mon, Nov 2, 2009 at 10:25 PM, Dino Viehland <dinov at microsoft.com>
>> wrote:
>>
>> Assuming the app domain is setup properly then there’s no way for the
>> Python code to elevate permissions (modulo CLR security bugs which are few
>> and far between).  This is because IronPython its self is 100% security
>> transparent and does not affect any security decisions or assert any form of
>> trust – so it’s all up to the CLR to limit permissions.  So for example
>> while you can access the file object, or import ctypes, or call various
>> other Python APIs which would require trust you’ll get a security exception
>> from the CLR when you don’t have permissions to do something.
>>
>>
>>
>> For more complex scenarios you might also have an object model which you
>> expose to the application and inject in via its scope.  Once you’ve done
>> that you’ll want to make sure that the object model is also secure.
>>
>>
>>
>>
>>
>> *From:* users-bounces at lists.ironpython.com [mailto:
>> users-bounces at lists.ironpython.com] *On Behalf Of *Nicolás Buttarelli
>> *Sent:* Monday, November 02, 2009 1:20 PM
>> *To:* Discussion of IronPython
>> *Subject:* Re: [IronPython] Safe execution of python scripts on my .net
>> application
>>
>>
>>
>> Thanks for your response.
>>
>>
>>
>> But what happens with the python code? Does not exist a way to write some
>> scripts that can do some damage to my app, the server, the database, etc?
>>
>>
>>
>> Thanks again,
>>
>> Nicolas
>>
>>
>>
>> On Mon, Nov 2, 2009 at 9:41 PM, Dino Viehland <dinov at microsoft.com>
>> wrote:
>>
>> After creating your app domain you can do:
>>
>>
>>
>> ScriptEngine engine = Python.CreateEngine(someAppDomain);
>>
>>
>>
>> And then the rest of your code should work as it’s written.
>>
>>
>>
>>
>>
>> *From:* users-bounces at lists.ironpython.com [mailto:
>> users-bounces at lists.ironpython.com] *On Behalf Of *Nicolás Buttarelli
>> *Sent:* Monday, November 02, 2009 12:39 PM
>> *To:* users at lists.ironpython.com
>> *Subject:* [IronPython] Safe execution of python scripts on my .net
>> application
>>
>>
>>
>> Sorry, I don't know if my previous message have arrived. So, here it is:
>>
>>
>>
>>
>>
>> Hello all,
>>
>>
>>
>> I am starting with python and I would like to add to my web application
>> some web services. This services will allow the different clients of my
>> application to execute some python scripts.
>>
>>
>>
>> I would like to know if someone did this before and how can I do this in a
>> secure way. I mean, how can I do to restrict the environment where the
>> scripts will be executed.
>>
>>
>>
>> In .net I can do this using the AppDoman and setting the permission set.
>>
>>
>>
>> AppDomain.CreateDomain( string friendlyName,
>>                         Evidence securityInfo,
>>                         AppDomainSetup info,
>>                         PermissionSet grantSet,
>>                         params StrongName[] fullTrustAssemblies);
>>
>>
>>
>>
>>
>> Is there a way to do the same with my python scripts?
>>
>>
>>
>> I am running them using this:
>>
>>
>>
>> ScriptEngine engine = Python.CreateEngine();
>>
>> ScriptSource source = engine.CreateScriptSourceFromString(scriptAsString);
>>
>> ScriptScope scope = engine.CreateScope();
>>
>> source.Execute(scope);
>>
>>
>>
>> Thanks in advance.
>>
>> Nicolas
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.ironpython.com
>> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>>
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.ironpython.com
>> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.ironpython.com
>> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ironpython-users/attachments/20091103/d5586f5e/attachment.html>


More information about the Ironpython-users mailing list