Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Python (http://www.velocityreviews.com/forums/f43-python.html)
-   -   Executing untrusted scripts in a sandboxed environment (http://www.velocityreviews.com/forums/t953094-executing-untrusted-scripts-in-a-sandboxed-environment.html)

Robin Krahl 10-05-2012 10:22 PM

Executing untrusted scripts in a sandboxed environment
 
Hi all,

I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting.

I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine in a sandboxed environment that has access to the Python modules and classes that I provide?

Thanks for your help.

Best regards,
Robin

[0] http://wiki.python.org/moin/SandboxedPython
[1] http://stackoverflow.com/questions/3...in-pure-python

Ramchandra Apte 10-06-2012 09:11 AM

Re: Executing untrusted scripts in a sandboxed environment
 
On Saturday, 6 October 2012 04:00:08 UTC+5:30, Robin Krahl wrote:
> Hi all,
>
> I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting.
>
> I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine ina sandboxed environment that has access to the Python modules and classes that I provide?
>
> Thanks for your help.
>
> Best regards,
> Robin
>
> [0] http://wiki.python.org/moin/SandboxedPython
> [1] http://stackoverflow.com/questions/3...in-pure-python

From http://wiki.python.org/moin/SandboxedPython
"The Java and CLR/.NET runtimes support restricted execution, and these canbe utilised through the Jython and IronPython variants of Python (as well as by other languages, obviously)."
You can also check out http://doc.pypy.org/en/latest/sandbox.html for PyPy's sandbox

Ramchandra Apte 10-06-2012 09:11 AM

Re: Executing untrusted scripts in a sandboxed environment
 
On Saturday, 6 October 2012 04:00:08 UTC+5:30, Robin Krahl wrote:
> Hi all,
>
> I need to execute untrusted scripts in my Python application. To avoid security issues, I want to use a sandboxed environment. This means that the script authors have no access to the file system. They may only access objects, modules and classes that are "flagged" or "approved" for scripting.
>
> I read that I will not be able to do this with Python scripts. (See SandboxedPython page in the Python wiki [0] and several SE.com questions, e. g. [1].) So my question is: What is the best way to "embed" a script engine ina sandboxed environment that has access to the Python modules and classes that I provide?
>
> Thanks for your help.
>
> Best regards,
> Robin
>
> [0] http://wiki.python.org/moin/SandboxedPython
> [1] http://stackoverflow.com/questions/3...in-pure-python
>From http://wiki.python.org/moin/SandboxedPython

"The Java and CLR/.NET runtimes support restricted execution, and these canbe utilised through the Jython and IronPython variants of Python (as well as by other languages, obviously)."
You can also check out http://doc.pypy.org/en/latest/sandbox.html for PyPy's sandbox


All times are GMT. The time now is 04:30 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.