[Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

Greg Ewing greg.ewing at canterbury.ac.nz
Mon Apr 11 21:08:36 EDT 2016

Jon Ribbens wrote:
> So far it looks like blocking "_*" and the frame object attributes
> appears to be sufficient.

Even if your sandbox as it currently exists is secure, it's
only an extremely restricted subset. You seem to be assuming
that if your technique works so far, then it can be extended
to cover a larger subset, but I don't think that's certain.

One problem that's been raised is how to prevent untrusted
code from monkeypatching imported modules. Possibly that
could be addressed by giving the untrusted code a copy of
the module, but I'm not entirely sure -- accidentally
importing two copies of the same source file is a well-known
source of bugs, after all.

A related, but more difficult problem is that if we allow
the untrusted code to import any pure-Python classes, it
will be able to monkeypatch them. So it seems like it will
need its own copy of those classes as well -- and having
two copies of the same class around is *another* well
known source of bugs.


More information about the Python-Dev mailing list