

Pysandbox - a configurable Python sandbox - vgnet
https://github.com/haypo/pysandbox/

======
Erwin
I'm not sure what this does what Zope's Restricted Python doesn't do already,
except possibly be more performant. Zope's module requires no patches and is
being widely used.

I had a good experience implement this Restricted Python (unrelated to the
restricted mode in Python) as a flexible sandboxing for (mostly) untrusted
users. I say mostly, because DoS attacks are still possible; these are paying
users and just need to be kept in their own sandbox away from others' data.
There's a OS level memory restriction and runaway processes are killed by
signals.

The Zope module works by compiling all insecure code, restricting some things
that are hard to secure and otherwise turning: foo.bar = quux.baz into
approximately: set(foo, "bar", get(quux, "baz")) -- where you provide the get
and set function, so you can verify no attributes that are bad are accessed.
No access to anything start with _ is allowed, and there are a few other odd
restrictions like no augmented assignments.

This process has about 40% performance penalty however, depending on how often
your verifiers need to get called during the code execution. This applies only
to code you explicitly compile with their compiler, so insecure python code
called from that context execute without penalty (or security!)

Because of the way my system is setup, the untrusted code interacts with some
secure objects, so I have an ACL system where objects can declare that
untrusted code can do X but cannot do Y to them.

~~~
Estragon
It sounds like a really interesting business. What do your customers use the
python code for? Are they developers themselves?

~~~
Erwin
Our customers develop online questionnaires. Most of those are stock controls
which don't require any logic, like asking a question about the user's about
age. Sometimes you need simple or complex control logic, e.g. display these
additional questions only to users that meet certain criteria, like 18-25
Males who know at least 3 out of 7 competing products. The casual users might
select that from a GUI, the more expert might enter the Python code directly.

The complex control logic might be: plug in the responses to those questions
into giant matrix with thousands of coefficients to segment users into groups.

It can get even more extreme; we even had one user who wanted to use a
200,000-line C function to determine this segmentation, apparently that was
some neural network output from a program called "Salford Predictive Miner".

~~~
Estragon
Thanks for the explanation.

------
Tobu
Configurability is generally a bad idea for a sandbox. Here the configuration
seems to allow whitelisting a few extra modules that do not allow working
around the sandbox, but increase the attack surface for bugs in the
implementation (because they are implemented with syscalls, ad-hoc native
code, or interpreter assistance for example).

