Security test of embedded Python

Chris Angelico rosuav at gmail.com
Tue Jun 21 22:35:14 EDT 2011


On Wed, Jun 22, 2011 at 12:02 PM, Paul Rubin <no.email at nospam.invalid> wrote:
> Chris Angelico <rosuav at gmail.com> writes:
>> users to supply scripts which will then run on our servers...
>> The environment is Python 3.3a0 embedded in C++, running on Linux.
>
> This doesn't sound like a bright idea, given the well-known difficulty
> of sandboxing Python.

So it seems! Less than half an hour after I made the announcement
post, the box had been compromised.

> Geordi <http://weegen.home.xs4all.nl/eelis/geordi/> has some interesting
> examples (C++) you might want to try translating to Python and running
> on your server.  It uses ptrace to control the execution of potentially
> hostile code.  I don't know if any exploits have been found or whether
> it's still active.

Thanks, will look into it.

> Maybe you want to look at Lua.  IMHO it's not a very nice language, but
> I've heard that it's easy to embed and sandbox.

Yeah, I've used Lua before (in a game called Angband), and it's not
that great. But security's more important than ideal language syntax.

I'll also be looking into Pike. Unfortunately its community is far
smaller than Python's, so security holes may be less obvious.

Chris Angelico


