3

I'm writing an application where we need to execute untrusted python code. (i.e. an application similar to a homework submission server, where student input is untrusted)

Thinking about it, my first thought is that by disabling the file I/O capabilities of the language (and thus, restrict code to using stdin/stdout only), a program couldn't do much harm to the system.

Is this correct, or are there attack vectors that I haven't thought of?

Is there some kind of python flag or compiler option that I can pass to isolate the code?

Improve this question
2

3 Answers 3

Reset to default
8

Run them in docker containers!

As with anything about security, there is no silver bullet. Your mileage may vary.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

I wouldn't execute arbitrary code on your machine using any of the python sandboxing methods since security professional demonstrated several time how they are escapable. Escaping the python sandbox

I would suggest running the code inside a docker container with a new user with restricted permissions.

Hardening Linux Containers

Lastly, you can try to parse the python code into an AST and go down the levels to make sure that dangerous actions are not present.

My choice would be using a docker container, preferably an Alpine version with restricted access.

Improve this answer

Comments

0

You might want to take a look at https://github.com/openedx/codejail. This package is also available on PyPI and is used and maintained by tech giants like Open edX and AWS

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.