Chroot Jail Not Secure for Sandboxing Python?
"Martin v. Löwis"
martin at v.loewis.de
Mon Jun 25 07:43:18 CEST 2007
gregpinero at gmail.com wrote:
> This wiki page suggests using a chroot jail to sandbox Python, but
> wouldn't running something like this in your sandboxed Python instance
> still break you out of the chroot jail:
> os.execle ('/usr/bin/python','-c','import os; os.execlp("/bin/sh")',
Depending on how the chroot jail is set up, this command might not
work - in the jail, /bin/sh might not exist.
> or maybe:
> del os.environ['LD_PRELOAD']
> os.execl ('/usr/bin/python','-c','import os; os.execlp("/bin/sh")')
How could deleting LD_PRELOAD help? chroot is not a library trick.
It's a mechanism implemented in the operating system.
> So is a chroot jail not adequate for sandboxing Python?
You have to define your threat model. If the threat to prevent is
a malicious user getting at your data, or spreading a virus
through your files, then chroot is perfectly adequate.
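
Added example, not part of the original message: one way to check which of the exec targets named in the quoted commands (/bin/sh, /usr/bin/python) actually exist from the jail's point of view. The function names and the sample jail layout are hypothetical and constructed for illustration; absolute symlinks are resolved against the jail root, as they would be for a chrooted process.

```python
import os
import tempfile

def resolve_in_jail(jail_root, path, max_links=40):
    """Host-side path that `path` names for a process chrooted to jail_root, or None."""
    root = os.path.realpath(jail_root)
    current, links = root, 0
    pending = [p for p in path.split("/") if p and p != "."]
    while pending:
        part = pending.pop(0)
        if part == "..":
            # Inside a chroot, ".." at the root stays at the root.
            if current != root:
                current = os.path.dirname(current)
            continue
        candidate = os.path.join(current, part)
        if os.path.islink(candidate):
            links += 1
            if links > max_links:
                return None  # symlink loop
            target = os.readlink(candidate)
            if target.startswith("/"):
                current = root  # absolute links restart at the jail root, not the host root
            pending = [p for p in target.split("/") if p and p != "."] + pending
        elif os.path.lexists(candidate):
            current = candidate
        else:
            return None
    return current

def exec_targets_in_jail(jail_root, targets=("/bin/sh", "/usr/bin/python")):
    """Map each exec target to True if it is an executable file inside the jail."""
    found = {}
    for target in targets:
        real = resolve_in_jail(jail_root, target)
        found[target] = bool(real and os.path.isfile(real) and os.access(real, os.X_OK))
    return found

def build_sample_jail():
    """Constructed sample: a jail with an interpreter, no shell, and /bin -> /usr/bin."""
    jail = tempfile.mkdtemp(prefix="jail-")
    os.makedirs(os.path.join(jail, "usr", "bin"))
    python = os.path.join(jail, "usr", "bin", "python")
    with open(python, "w") as fh:
        fh.write("#!placeholder interpreter\n")
    os.chmod(python, 0o755)
    os.symlink("/usr/bin", os.path.join(jail, "bin"))
    return jail

if __name__ == "__main__":
    print(exec_targets_in_jail(build_sample_jail()))
```

A plain `os.path.exists(jail + "/bin/sh")` run from the host would follow the absolute `/bin -> /usr/bin` link into the host's own `/usr/bin` and can report a shell that the jailed process cannot reach.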