Restricted Execution on the cheap

D

David Pokorny

Hi,

Suppose that one wants to set up a machine to accept python code from,
say, arbitrary email, and run it safely. Would the following
(somewhat draconian) precautions be sufficient?
[assume the Python code is in hack.py]

grep exec hack.py ==> nothing
grep eval hack.py ==> nothing
etc... for 'import', 'builtin', 'globals','reload'
'compile', 'file', 'open', 'input', 'locals', 'vars'

Furthermore, suppose that along with the daemon that
processes the the email there is in addition a watcher daemon
that kills and restarts the email-python-runner under any of
the following conditions:

stdout > 50 MB
email-python-runner's heap is > 50 MB
email-python-runner gets stuck on a single program for more than 5 minutes

If you're interested in hacking such a device, I'm sorry to disappoint ---
it won't be up for a long time.

Thanks!
David Pokorny
 
D

Duncan Booth

David said:
Suppose that one wants to set up a machine to accept python code from,
say, arbitrary email, and run it safely. Would the following
(somewhat draconian) precautions be sufficient?
[assume the Python code is in hack.py]

grep exec hack.py ==> nothing
grep eval hack.py ==> nothing
etc... for 'import', 'builtin', 'globals','reload'
'compile', 'file', 'open', 'input', 'locals', 'vars'

Assuming you think *very* hard about everything that someone might try.

Your list above certainly isn't enough though. I'm pretty sure you also
need to block getattr otherwise:
'shap_tybonyf'.decode('rot13'))['__ohvygvaf__'.decode('rot13')],
'x\x9cK\xce\xcf-\xc8\xccI\x05\x00\x0b\xaf\x02\xea'.decode('zip'))
<built-in function compile>
 
N

Nick Coghlan

David said:
Hi,

Suppose that one wants to set up a machine to accept python code from,
say, arbitrary email, and run it safely. Would the following
(somewhat draconian) precautions be sufficient?

In short, no. Python's introspection capabilities kill you. There are too many
ways to spell things to be certain all the loopholes are closed.

For instance, take a look at the result of:

type(sys.stdout)

Sure, you can add 'type' to the banned list, but eventually the banned list is
so long, writing a useful program is damn near impossible. 'chr' and '__dict__',
for instance, would almost certainly have to be on the banned list, otherwise:

key1 = ''.join([chr(x) for x in [95, 95, 98, 117, 105, 108, 116, 105, 110,
95, 95]])
key2 = ''.join([chr(x) for x in [102, 105, 108, 101]])
sys.modules[key1].__dict__[key2]

It isn't accidental that Bastion and rexec got deprecated - the developers just
can't guarantee that the modules are actually providing adequate protection.

A chroot() jail, setuid() to some permission-less sandbox user and your
monitoring daemon are likely to get you a lot further.

Regards,
Nick.

P.S. Both examples above are bizarre ways of spelling 'file', for anyone who
can't be bothered figuring it out.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top