Stack Overflow
Stack Overflow

Questions tagged [pysandbox]

pysandbox is a Python sandbox. By default, untrusted code executed in the sandbox cannot modify the environment (write a file, use print or import a module). But you can configure the sandbox to choose exactly which features are allowed or not, eg. import sys module and read /etc/issue file.

Website: http://github.com/haypo/pysandbox/

Features

Blocked Python functions (by default):

  • Deny access to the file system
  • Deny importing Python modules
  • Deny exiting Python
  • Deny access to stdin, stdout or stderr
  • Deny some builtins symbols like compile(), execfile() or KeyboardInterrupt
  • Deny execution of arbitrary bytecode (creation of arbitrary code object)

A timeout of 5 seconds if used by default. You can enable all of these features by setting the sandbox configuration.

Protection of the namespace:

  • Deny access to function closure, globals, defaults and code
  • Deny access to frame locals
  • Deny access to types subclasses
  • __builtins__ is read only
  • Deny access to dict methods able to modify a dict, eg. dict.__setitem__. But you can use "d[key] = value" and "del d[key]" instead

Configuration

Use SandboxConfig class to configure your sandbox. Features are the most simple way to configure it.

Features

To enable a feature, use SandboxConfig('feature1', 'feature2', ...) or config.enable('feature'). Available features:

  • "codecs": codecs module
  • "code": compile() builtin, frame.f_locals, frame.f_code and generator.gi_code
  • "debug_sandbox": allow to display a traceback of the sandbox. Enable traceback feature.
  • "datetime": datetime module
  • "encodings": encodings module with ascii, latin_1, utf_8, utf_16_be, utf_32_be and rot_13 codecs (submodules). Enable codecs feature.
  • "exit": sys.exit(), BaseException, KeyboardInterrupt, SystemExit, quit()
  • "future": from __future__ import ...
  • "help": pydoc.help(), use import pydoc outside the sandbox to use it. Enable regex feature.
  • "interpreter": give access to standard streams, enable traceback. Enable encodings, exit, site, stdin, stdout, stderr and traceback features.
  • "itertools": itertools module
  • "math": math module
  • "random": random module. Enable math feature.
  • "regex": compile regex, match regex, search regex, etc. (re module)
  • "site": allow to read the license file
  • "stdin": sys.stdin, input() and raw_input()
  • "stdout", "stderr": sys.stdout and sys.stderr
  • "time": time module (except sleep, strptime and tzset functions)
  • "traceback": compile() builtin, frame.f_code. Next calls to allowModule() will add the module filename to the open() whitelist, so Python can display a traceback with the source code. This feature have to be enabled before all other features.
  • "unicodedata": unicodedata module, required for u'\N{ATOM SYMBOL}' syntax

CPython restricted mode

WARNING: CPython restricted mode is unsafe because it is possible to execute arbitrary bytecode.

Use SandboxConfig(cpython_restricted=True) to enable CPython restricted mode. In this mode, reading a file and modify a class are blocked. Some attributes are hidden (eg. method.__self__), other are read only (eg. func.__doc__).

CPython restricted mode is disabled by default. The restricted mode is incompatible with SandboxConfig "traceback" feature and allowPath() method.

The restricted mode doesn't exist in Python3 anymore, it was removed with bastion and rexec modules: http://svn.python.org/view?view=rev&revision=55301

Other options

  • config.timeout: timeout in seconds. Use None to disable the timeout. Default timeout value is 5 seconds.
  • config.allowPath(path) allows to read a file from the specified path
  • config.allowModule(name, symbol1, symbol2, ...) allows to import the specified module, but give only access to the specified symbols

Example

With call() method:

from sandbox import Sandbox

def func(a, b):
    return a + b

sandbox = Sandbox()
print sandbox.call(func, 1, 2)

With execute() method:

from sandbox import Sandbox, SandboxConfig
sandbox = Sandbox(SandboxConfig('stdout'))
sandbox.execute('print("Code executed in the sandbox")')

execute() with a local variable:

from sandbox import Sandbox, SandboxConfig
sandbox = Sandbox(SandboxConfig('stdout'))
sandbox.execute('print(data)', locals={'data': [1, 2, 3]})    # ok
sandbox.execute('data.append(4)', locals={'data': [1, 2, 3]}) # error

Objects passed to .call() globals/locals and .execute() arguments are proxified: they are replaced by read-only views of the objects.

Limitations

pysandbox is a sandbox for the Python namespace, not a sandbox between Python and the operating system. It doesn't protect your system against Python security vulnerabilities: vulnerabilities in modules/functions available in your sandbox (depend on your sandbox configuration). By default, only few functions are exposed to the sandbox namespace which limits the attack surface.

pysandbox is unable to limit the memory of the sandbox process: you have to use your own protection.

Status

pysanbox is tested on Python 2.5 and 2.6 on Debian Sid.

See TODO file for the complete status.

See also

Python

Python-dev mailing list

Other

8 questions
8
votes
1 answer

Python code jailing

I have bunch of python-projects with untrusted WSGI-apps inside them. I need to run them simulatiously and safely. So I need restrictions for directory access, python module usage and limitations for CPU and Memory. I consider two…
sashab
  • 1,534
  • 2
  • 19
  • 36
2
votes
1 answer

How can I use pysandbox in a Django request handler?

I want to use pysandbox to allow users to run code on my server. I'm using Django's internal server (manage.py runserver) with this request handler: def try_sandbox(request): from sandbox import Sandbox def func(a, b): return a + b …
fgm2r
  • 4,490
  • 1
  • 17
  • 14
2
votes
2 answers

Restricted Function with libsandbox and pysandbox

I am using the sample2.py listed here https://github.com/openjudge/sandbox as a wrapper to call the sandbox libraries (aka. libsandbox && pysandbox). Following is my C++ Code #include int main(){ return 0; } The result when i run the…
user1159517
  • 5,390
  • 8
  • 30
  • 47
1
vote
2 answers

Restricted Function (RF) with pysandbox

My problem is exactly same as here and here. I am also using simple2.py for sandboxing the executable produced by this program test1.c: #include int main(){ puts("Hello World"); return 0; } I am using the following command to…
Quixotic
  • 2,424
  • 7
  • 36
  • 58
1
vote
0 answers

doctest and unittest with pysandbox

I want to test student submissions in a save environment. That's the reason why I use pysandbox. For testing the student submission I want to use doctest and unittest. Here is the studentSubmission.py def factorial(n): import math if not n >= 0: …
Oliver
  • 11
  • 1
1
vote
1 answer

Implement online Python Shell using Pysandbox

I want to build an online Python shell like this. Currently I am trying to build a module in Python which does the following things Creates a new session. Runs a code passed as string keeping and maintains the environment variables of the current…
gibraltar
  • 1,678
  • 4
  • 20
  • 33
0
votes
1 answer

Adding new feature not working in pysandbox

I am using the pysandbox to run the Python code in sandbox environment. I got it up and running, but I want it to support python datetime module. As per the documentation, I added 'datetime' in the config as follows, sandbox =…
dhiraj
  • 115
  • 9
-1
votes
1 answer

How do I install libsandbox? I have some problems during installation

I have some problems installing libsandbox and pysandbox. I've tried with binary and source packages but no. It seems to do OK but, when I run: from sandbox import * it displays Traceback (most recent call last): File "", line 1, in…
elMauNunez
  • 3
  • 2