Challenge: escape from the pysandbox
victor.stinner at haypocalc.com
Sun Feb 28 17:43:07 CET 2010
On Saturday 27 February 2010 18:37:22, Daniel Fetchinson wrote:
> It's google's hosting solution called app engine, for python web
> applications: http://code.google.com/appengine/docs/python/gettingstarted/
> I guess they also have some kind of a sandbox if they let people run
> python on their machines, I'm not sure if it's open source though.
Yes, Google AppEngine has its Python sandbox and the source code is available
online. I don't know the license. I found 7 vulnerabilities in 1 hour :-) I
contacted the Google security team.
To answer your question "How is [AppEngine] different from your project?":
* pysandbox has an import whitelist, whereas AppEngine has an import blacklist
  (subprocess, socket, ... builtin modules are replaced by safe versions).
  Importing a Python module written in C is forbidden.
* Importing a module in AppEngine imports all symbols, whereas pysandbox also
  uses a symbol whitelist.
* AppEngine doesn't have proxies, all objects are modifiable (e.g. sys.path)
There are other differences, but I prefer to wait for the answer from Google
before telling you more :)
AppEngine sandbox and pysandbox projects are very close: most protections are
based on blacklists, whereas RestrictedPython is only based on whitelists.
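
Added example, not part of the original post and not code from pysandbox or AppEngine: the two import policies compared above, written in Python as a default-deny import whitelist with a per-module symbol whitelist and a read-only proxy, next to a default-allow import blacklist. The policy contents and every function and class name are assumptions made for illustration; this shows the policy difference only and is not a complete sandbox.

```python
# Added illustration: not pysandbox or AppEngine code. Policy contents are constructed.
from types import MappingProxyType

IMPORT_WHITELIST = {"math": {"sqrt", "pi"}, "sys": {"version_info"}}  # module -> visible symbols
IMPORT_BLACKLIST = {"subprocess", "socket"}                            # everything else is allowed


class ModuleProxy:
    """Read-only view of a module that exposes only whitelisted symbols."""
    __slots__ = ("_symbols",)

    def __init__(self, module, allowed):
        view = {name: getattr(module, name) for name in allowed}
        object.__setattr__(self, "_symbols", MappingProxyType(view))

    def __getattr__(self, name):  # reached only when normal lookup fails
        try:
            return self._symbols[name]
        except KeyError:
            raise AttributeError(f"symbol {name!r} is not whitelisted") from None

    def __setattr__(self, name, value):
        raise AttributeError("sandboxed modules are read-only")


def whitelist_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Default deny: unknown modules are refused, known ones are proxied."""
    if level != 0 or name not in IMPORT_WHITELIST:
        raise ImportError(f"import of {name!r} is not whitelisted")
    return ModuleProxy(__import__(name), IMPORT_WHITELIST[name])


def blacklist_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Default allow: only listed modules are refused; the real module is returned."""
    if name.partition(".")[0] in IMPORT_BLACKLIST:
        raise ImportError(f"import of {name!r} is blacklisted")
    return __import__(name, globals, locals, fromlist, level)


def denied(importer, name):
    """True if `importer` refuses `name`."""
    try:
        importer(name)
    except ImportError:
        return True
    return False


def run_guest(source, importer):
    """Execute guest source with `importer` as its only builtin; return its `result`."""
    scope = {"__builtins__": {"__import__": importer}}
    exec(source, scope)
    return scope.get("result")
```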