[python-uk] [dw at hmmz.org: Re: Python sandboxing (last week's dojo challenge)]

David Wilson dw+python-uk at hmmz.org
Sun Apr 10 18:19:06 EDT 2016

On Sun, Apr 10, 2016 at 06:17:29PM +0100, Jon Ribbens wrote:
> Further to the success of dojo participants in breaking out of my
> sandbox experiment due to a stupid bug I'd created, I've both
> tightened up the sandbox and extended it by adding back in 'with'
> and 'import' (of white-listed modules).
> If anyone would like to have another go at breaking out of it,
> I'd be interested to hear their results:

I guess it goes without saying, but just in case, the core team gave up
on any possibility of in-process sandboxing a very long time ago, and
all popular implementations are designed with pretty much zero regard
for this use case.

For an example of a robust sandboxed Python, App Engine disables modules
and has a bunch of patches to disable the most obvious seg faults, then
applies an OS sandbox on top of that.

If you want a real sandbox use an OS supplied facility that's been
reviewed to exhaustion like seccomp on Linux, although sadly there are
no good wrappers to use Python within seccomp.

There is some example code for seccomp here:
but really this wants wrapped up in a neat library to be generally
useful. Jon are you up for that? :)


More information about the python-uk mailing list