Newbie query about secure embedded python

 
 
Richard Dwan
01-02-2007
(Originally incorrectly posted to C++ SIG mailing
list)

Hello,

First let me apologise if this question is obvious -
I've never embedded python before and I am deciding if
it meets my needs.



My question is: is there a secure python interpreter
that prevents malicious code from using C/C++ modules
or built-in functions from causing damage to a user's
system?


My objective is to have an embedded interpreted
language to drive all non CPU intensive application
behaviour with user / downloadable scripts to
customise the UI / scripting processing.

My concern with simply embedding python is that this
would give arbitrary scripts the ability to make
system level changes (e.g. destructive abilities using
file access). As I wish to encourage scripts to be
shared across the Internet this could not be
tolerated.

Python provides a very good script language to which I
can expose application specific functions/objects
using the already documented methods. To use Python
with the above security restrictions I would need to
be able to disable all file / system built-ins when
running the interpreter across user scripts. In
addition, importing C/C++ functions would have to be
disabled as well. As a complication, a set of
'approved C/C++ functions' such as numpy would need to
be supported in order to allow the user to do 'useful
processing' within the scripts driving the
application.

My naive solution would be to customise the
'PyImport_Import' and 'PyObject_CallObject' routines
used with user scripts so that:
--- an imported C/C++ module would be checked against
an approved list to prevent arbitrary C/C++ code from
being executed
--- built-in function calls would be checked against
an approved list to prevent system damaging calls from
being made
--- the application API that is exposed to the user
code must not expose to scripts a way of damaging
anything more than the data currently being
'processed'
--- the application would have to ensure that user
code is only executed within the secure interpreter
scope (e.g. not use callbacks to user script code
outside the secure interpreter)

Has the necessary secure python interpreter already
been created / a work in progress?



Many thanks for any advice you can give me,
Richard

Paul Rubin
01-02-2007
Richard Dwan writes:
> My question is: is there a secure python interpreter
> that prevents malicious code from using C/C++ modules
> or built-in functions from causing damage to a user's
> system?


You mean like a java sandbox? There used to be one in Python (the
rexec/Bastion modules) but they were removed for security reasons
(i.e. they weren't secure and there was no way to fix the holes).
There seems to currently be no really reliable way to do what you're
asking. Your best bet may be either a small JVM, or a very limited
special purpose language that you could implement in Python.
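
The "very limited special purpose language" option from the reply above, as an added example that is not code from either poster: user expressions are parsed with `ast` and only allowlisted node types are interpreted, so scripts never reach `eval`, imports, attribute access or builtins. The names `evaluate`, `ScriptError`, `APPROVED_FUNCS`, `is_rejected` and the `scale` function are hypothetical stand-ins for an application's own API.

```python
import ast
import operator

# Only these operators exist in the mini-language (no ** to avoid huge results).
BINOPS = {ast.Add: operator.add, ast.Sub: operator.sub,
          ast.Mult: operator.mul, ast.Div: operator.truediv}
UNARYOPS = {ast.USub: operator.neg, ast.UAdd: operator.pos}

# Hypothetical application API exposed to scripts; the names are assumptions.
APPROVED_FUNCS = {"min": min, "max": max, "abs": abs,
                  "scale": lambda value, factor: value * factor}

class ScriptError(Exception):
    """The script used something outside the mini-language."""

def evaluate(source, variables):
    """Evaluate one user expression against application-supplied variables."""
    if len(source) > 200:  # bound parse and evaluation cost
        raise ScriptError("script too long")
    try:
        tree = ast.parse(source, mode="eval")
    except (SyntaxError, ValueError, RecursionError, MemoryError) as exc:
        raise ScriptError("cannot parse script") from exc
    try:
        return _eval(tree.body, variables)
    except (ArithmeticError, TypeError) as exc:
        raise ScriptError("evaluation failed") from exc

def _eval(node, variables):
    if isinstance(node, ast.Constant) and type(node.value) in (int, float):
        return node.value
    if isinstance(node, ast.Name) and node.id in variables:
        return variables[node.id]
    if isinstance(node, ast.BinOp) and type(node.op) in BINOPS:
        return BINOPS[type(node.op)](_eval(node.left, variables),
                                     _eval(node.right, variables))
    if isinstance(node, ast.UnaryOp) and type(node.op) in UNARYOPS:
        return UNARYOPS[type(node.op)](_eval(node.operand, variables))
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
            and node.func.id in APPROVED_FUNCS and not node.keywords):
        args = [_eval(arg, variables) for arg in node.args]
        return APPROVED_FUNCS[node.func.id](*args)
    raise ScriptError("construct not allowed: " + type(node).__name__)

def is_rejected(source):  # True when the mini-language refuses the script
    try:
        evaluate(source, {})
    except ScriptError:
        return True
    return False
```

Because the interpreter is default-deny, anything not listed (strings, attribute access, comprehensions, lambdas, unapproved calls) fails with `ScriptError` rather than needing its own block rule.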