Challenge: escape from the pysandbox
Victor Stinner
victor.stinner at haypocalc.com
Sun Feb 28 11:43:07 EST 2010
On Saturday 27 February 2010 at 18:37:22, Daniel Fetchinson wrote:
> It's Google's hosting solution called App Engine, for Python web
> applications: http://code.google.com/appengine/docs/python/gettingstarted/
>
> I guess they also have some kind of a sandbox if they let people run
> Python on their machines, I'm not sure if it's open source though.

Yes, Google AppEngine has its Python sandbox and the source code is available
online. I don't know the license. I found 7 vulnerabilities in 1 hour :-) I
contacted the Google security team.

To answer your question "How is [AppEngine] different from your project?":

 * pysandbox has an import whitelist, whereas AppEngine has an import blacklist
   (subprocess, socket, ... builtin modules are replaced by safe versions).
   Importing a Python module written in C is forbidden.
 * Importing a module in AppEngine imports all symbols, whereas pysandbox also
   uses a symbol whitelist.
 * AppEngine doesn't have proxies, all objects are modifiable (e.g. sys.path)

There are other differences, but I prefer to wait for the answer from Google
before telling you more :)

The AppEngine sandbox and pysandbox projects are very close: most protections
are based on blacklists, whereas RestrictedPython is only based on whitelists.

--
Victor Stinner
http://www.haypocalc.com/
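
The import policies contrasted in the message above (import whitelist plus symbol whitelist versus import blacklist), as an added example that is not part of the original post and is not pysandbox or AppEngine code. The policy tables, the hook names and the run_guest/is_refused helpers are hypothetical.

```python
# Constructed policy: module name -> the only symbols guest code may see.
ALLOWED = {"math": {"sqrt", "pi"}, "string": {"ascii_letters"}}
# Constructed blocklist, for contrast: anything not named here is importable.
BLOCKED = {"subprocess", "socket"}

import importlib
import types

def allowlist_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Refuse unknown modules; hand out a filtered copy of known ones."""
    if level != 0 or name not in ALLOWED:
        raise ImportError(f"import of {name!r} is not allowed")
    real = importlib.import_module(name)
    view = types.ModuleType(name)  # separate object, so guest writes stay local
    for symbol in ALLOWED[name]:
        setattr(view, symbol, getattr(real, symbol))
    return view

def blocklist_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Refuse only the listed modules; return the real module otherwise."""
    if name.split(".")[0] in BLOCKED:
        raise ImportError(f"import of {name!r} is blocked")
    return __import__(name, globals, locals, fromlist, level)

def run_guest(source, import_hook):
    """Run guest source whose only builtin is the given import hook."""
    env = {"__builtins__": {"__import__": import_hook}}
    exec(source, env)
    return env

def is_refused(source, import_hook):
    """True if the policy rejects the guest's import with ImportError."""
    try:
        run_guest(source, import_hook)
    except ImportError:
        return True
    return False

if __name__ == "__main__":
    guest = "import math\nroot = math.sqrt(16)\nmath.pi = 3"
    print(run_guest(guest, allowlist_import)["root"])
    print(is_refused("from math import cos", allowlist_import))  # symbol not listed
    print(is_refused("import os", allowlist_import))             # module not listed
    print(is_refused("import os", blocklist_import))             # not on the blocklist
```

This shows only the import policy decision; it is not a complete sandbox.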