Sandbox used packages filter(vulnerable code execution prevetion)
14 views
Skip to first unread message
Kacper Bernat
Mar 4, 2020, 1:44:55 PM3/4/20
to Jep Project
Hello everybody,
I've looked back and forth your documentation and I couldn't answer clearly to myself If there is any vulnerable code filter in runtime for this sandbox.
Just to clarify, my application(core stands on Java) allows user write own Python expressions. Recently I've realized that this feature is also able to execute harmful code like passing system commands, or system file operations.
Corresponding user code expression control is available in Groovy Sandbox http://groovy-sandbox.kohsuke.org/ (GroovyValueFilter class). Through this I'm able to whitelist compiled classes, execution of any beyond this whitelist is blocked.
Is there any similar implementation in jep?
Thanks in advance.
I've looked back and forth your documentation and I couldn't answer clearly to myself If there is any vulnerable code filter in runtime for this sandbox.
Just to clarify, my application(core stands on Java) allows user write own Python expressions. Recently I've realized that this feature is also able to execute harmful code like passing system commands, or system file operations.
Corresponding user code expression control is available in Groovy Sandbox http://groovy-sandbox.kohsuke.org/ (GroovyValueFilter class). Through this I'm able to whitelist compiled classes, execution of any beyond this whitelist is blocked.
Is there any similar implementation in jep?
Thanks in advance.
Nathan Jensen
Mar 4, 2020, 3:19:42 PM3/4/20
to Kacper Bernat, Jep Project
Hi, Ben and I have discussed this in the past but never implemented anything. We have talked about ways to limit specific modules if desired, but again, haven't implemented anything. I'm not aware of anyone else building a secure sandbox on top of Jep. You can somewhat secure Java through the usage of a restricted classloader, but there's nothing at present in Jep to restrict Python execution.
--
You received this message because you are subscribed to the Google Groups "Jep Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jep-project...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jep-project/bef516bc-ce4d-40fc-93bc-c854f2dc6943%40googlegroups.com.
Kacper Bernat
Mar 18, 2020, 7:10:34 AM3/18/20
to Jep Project
Ok, thank you for your response. The only solution for python code execution security monitor is string filtering right now. Although it's not the most sophisticated idea, whitelist string monitor is only way how to deal with it.
Kacper
Kacper
W dniu środa, 4 marca 2020 21:19:42 UTC+1 użytkownik Nathan Jensen napisał:
Hi, Ben and I have discussed this in the past but never implemented anything. We have talked about ways to limit specific modules if desired, but again, haven't implemented anything. I'm not aware of anyone else building a secure sandbox on top of Jep. You can somewhat secure Java through the usage of a restricted classloader, but there's nothing at present in Jep to restrict Python execution.
On Wed, Mar 4, 2020, 12:44 PM Kacper Bernat <locz...@gmail.com> wrote:
Hello everybody,--
I've looked back and forth your documentation and I couldn't answer clearly to myself If there is any vulnerable code filter in runtime for this sandbox.
Just to clarify, my application(core stands on Java) allows user write own Python expressions. Recently I've realized that this feature is also able to execute harmful code like passing system commands, or system file operations.
Corresponding user code expression control is available in Groovy Sandbox http://groovy-sandbox.kohsuke.org/ (GroovyValueFilter class). Through this I'm able to whitelist compiled classes, execution of any beyond this whitelist is blocked.
Is there any similar implementation in jep?
Thanks in advance.
You received this message because you are subscribed to the Google Groups "Jep Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jep-p...@googlegroups.com.
Nathan Jensen
Mar 18, 2020, 12:53:26 PM3/18/20
to Jep Project, Kacper Bernat
You could write a Python import hook to block imports of Python modules and register the import hook before Jep's import hooks. See https://docs.python.org/3/reference/import.html#import-hooks
So you could for example block os from being imported. The downside is I don't know if you can block sys from being imported as Jep is importing and using sys to set up the interpreter. A malicious actor could also alter the import hooks so it wouldn't be completely safe. Jep doesn't currently have a way to register custom import hooks but you could modify Jep if you think that would help.
To unsubscribe from this group and stop receiving emails from it, send an email to jep-project...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jep-project/dfa4c793-3978-4f71-920f-eb2312e25f85%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages