[Python-Dev] Some news from my sandbox project

Victor Stinner victor.stinner at haypocalc.com
Sat Sep 18 01:27:28 CEST 2010


Hi,

I'm still developing my sandbox project irregularly since last June. pysandbox 
is a sandbox to execute untrusted Python code. It is able to execute unmodified 
Python code with a low overhead. I consider it stable and secure.
http://github.com/haypo/pysandbox/

Today, the biggest problem is the creation of a read-only view of the 
__builtins__ dictionary. I tried to create my own object with the dict API, 
but I quickly got a segfault. I realized that ceval.c is hardcoded to use 
PyDict functions on __builtins__ (LOAD_GLOBAL instruction). So I created a 
subclass of dict and replaced the modifying functions (__setitem__, update, 
clear, ...).

I would like to know if you would agree to modify ceval.c (and maybe some other 
functions) to support a __builtins__ of another type than dict. I mean adding a 
fast check (PyDict_CheckExact) on the type. If you agree, I can file an issue 
with a patch.

The last two vulnerabilities came from this problem: it was possible to use 
dict methods on __builtins__, e.g. dict.update(__builtins__, {...}) and 
dict.__init__(__builtins__, {...}). Because of that, pysandbox removes all 
dict methods able to modify a dict. And so "d={...}; d.update(...)" raises an 
error (d has no update attribute) :-/

---

If you would like to test pysandbox, just join the ##fschfsch channel of the 
Freenode IRC server and talk to fschfsch. It's an IRC bot using pysandbox to 
evaluate Python expressions. It is also on the #python-fr and #python channels, 
but please use ##fschfsch for tests.
http://github.com/haypo/pysandbox/wiki/fschfsch

Or you can run pysandbox on your computer. Download the latest git version 
(github provides tarballs if you don't have the git program), install it and 
run: python interpreter.py. You have to compile _sandbox, a C module required 
to modify some Python internals.

The latest git version is compatible with Python 2.5, 2.6 and 2.7. It works on 
3.1 and 3.2 after a conversion with 2to3 and a small hack on sandbox/proxy.py: 
replace "elif isinstance(value, OBJECT_TYPES):" with "else:" (and remove the 
existing else statement). I'm not sure that this hack is safe, so I haven't 
committed it yet.

-- 
Victor Stinner
http://www.haypocalc.com/
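An added example (my own code, not pysandbox's) illustrating the limitation the mail describes: a dict subclass can disable its own mutating methods, but the unbound base-class methods such as dict.update() still modify it, which is why a type check in the interpreter (the PyDict_CheckExact idea) is the more robust fix. The ReadOnlyDict class, the helper functions and the sample builtins mapping are all constructed here for illustration.

```python
# Added example (not part of pysandbox): why overriding the mutating methods
# of a dict subclass does not yield a truly read-only __builtins__.


class ReadOnlyDict(dict):
    """dict subclass whose own mutating methods raise instead of modifying.

    This mirrors the approach described in the mail: keep a real dict (so
    interpreter code that hard-codes PyDict_* calls keeps working) and block
    the Python-level modification methods on the subclass.
    """

    def _readonly(self, *args, **kwargs):
        raise TypeError("this dict is read-only")

    __setitem__ = __delitem__ = __ior__ = _readonly
    update = clear = pop = popitem = setdefault = _readonly


def subclass_override_blocks(d):
    """True if calling d.update() through the subclass is rejected."""
    try:
        d.update({"injected": 1})
    except TypeError:
        return "injected" not in d
    return False


def base_class_method_bypasses(d):
    """True if dict.update(d, ...) still mutates d despite the override.

    This is the weakness named in the mail: the unbound base-class method
    never consults the subclass, so the override is not a real protection.
    """
    dict.update(d, {"injected": 1})
    return d.get("injected") == 1


def passes_exact_type_check(d):
    """Python-level analogue of the PyDict_CheckExact check proposed in the
    mail: only a plain dict passes, any subclass is rejected."""
    return type(d) is dict


if __name__ == "__main__":
    # Constructed sample: a tiny stand-in for a restricted __builtins__.
    builtins_view = ReadOnlyDict(len=len, abs=abs)
    print("subclass override blocks update:", subclass_override_blocks(builtins_view))
    print("dict.update bypasses the override:", base_class_method_bypasses(builtins_view))
    print("passes exact-dict check:", passes_exact_type_check(builtins_view))
```

Running the script shows the two sides of the problem side by side: the subclass override rejects `d.update(...)`, yet `dict.update(d, ...)` silently adds the key. The last helper shows the distinction a `PyDict_CheckExact`-style check draws (a plain dict passes, a subclass does not), which is what would let the interpreter refuse to treat such a view as a writable mapping.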

