[Python-Dev] Python jail: whitelist vs blacklist

tav tav at espians.com
Tue Feb 24 15:18:28 CET 2009


Hey Victor,

> Today it's clear that tav's jail is broken.

Forgive me as I'm sleep deprived, but no =)

> Many hackers proved how to break it.
> Fixing each hole is maybe not the good solution.

The aim of this challenge has been to:

1. Validate the functions-based approach
2. Verify if the proposed set of new attribute RESTRICTIONs is enough

As such, it has been important to ensure that we have as large an
attack surface as possible.

And given how trivial it has been to fix the bugs, the functions-based
approach seems to be holding up =)

And as for the attributes needing to be restricted, we've discovered
that we need to restrict the f_* attributes of frameobject along with
the initial type.__subclasses__, gi_code and gi_frame.

> A better approach would be to create a new world (namespace) from an empty
> namespace and then add our "secure" functions/types using strong validations
> (using a whitelist instead of a blacklist).

Sure -- you are absolutely right about using a whitelist approach.

safelite.py is just for the challenge... to demonstrate that the
functions-based approach could possibly lead to securing the Python
interpreter and to verify that we've restricted the necessary
attributes.

Once the patch gets accepted, we can start creating a fresh world
built up from an object capability base =)

> In CPython, we may use proxies on anything to check all operations.
>  jail   -- validations --> real world
>  jail <-- proxy objects -- real world

Ehm, I'd strongly discourage any approaches using proxies. The
performance penalties will just be insane.

If you really want one though -- check out Zope proxy. It already
implements this quite well and you can use it today! =)

-- 
love, tav

plex:espians/tav | tav at espians.com | +44 (0) 7809 569 369
http://tav.espians.com | http://twitter.com/tav | skype:tavespian
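Victor's whitelist suggestion above, sketched as an added example that is not from this thread, safelite.py or the proposed patch: a jail that starts from an empty `__builtins__` and an explicit whitelist of attribute names (both lists constructed for the illustration), so the frame, generator and `__subclasses__` attributes named in the post are unavailable by default rather than blacklisted one by one. This is a static AST check plus a restricted namespace, not the interpreter-level attribute restrictions the patch adds.

```python
import ast

# Constructed whitelist: the only builtins the jailed code can name.
SAFE_BUILTINS = {"len": len, "range": range, "sum": sum, "min": min, "max": max}

# Constructed whitelist of attribute names the jailed code may access.
# A blacklist would instead have to enumerate f_code, f_back, f_globals,
# gi_code, gi_frame, __subclasses__, __class__, ... and grow with every hole.
SAFE_ATTRS = {"append", "extend", "upper", "lower", "items", "keys", "values"}


class JailError(Exception):
    """Raised when the source uses something outside the whitelist."""


class AttrWhitelist(ast.NodeVisitor):
    """Reject any attribute access or import not covered by the whitelist."""

    def visit_Attribute(self, node):
        if node.attr not in SAFE_ATTRS:
            raise JailError(f"attribute {node.attr!r} not in whitelist")
        self.generic_visit(node)

    def visit_Import(self, node):
        raise JailError("imports are not allowed in the jail")

    def visit_ImportFrom(self, node):
        raise JailError("imports are not allowed in the jail")


def run_jailed(source):
    """Check the source against the whitelist, then run it with a fresh
    namespace whose builtins are only the whitelisted ones. Returns the
    variables the jailed code defined."""
    tree = ast.parse(source, mode="exec")
    AttrWhitelist().visit(tree)
    namespace = {"__builtins__": dict(SAFE_BUILTINS)}
    exec(compile(tree, "<jail>", "exec"), namespace)
    return {k: v for k, v in namespace.items() if k != "__builtins__"}


def check_rejected(source):
    """Return the name of the exception the jail raises, or None if it ran."""
    try:
        run_jailed(source)
    except (JailError, NameError, ImportError) as exc:
        return type(exc).__name__
    return None
```

Anything not named in the two whitelists fails either at the AST check (JailError) or at lookup time (NameError), with no per-attribute blacklist to maintain.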

