From: Victor Stinner on
On Saturday 27 February 2010 18:37:22, Daniel Fetchinson wrote:
> It's google's hosting solution called app engine, for python web
> applications: http://code.google.com/appengine/docs/python/gettingstarted/
>
> I guess they also have some kind of a sandbox if they let people run
> python on their machines, I'm not sure if it's open source though.

Yes, Google AppEngine has its Python sandbox and the source code is available
online. I don't know the license. I found 7 vulnerabilities in 1 hour :-) I
contacted Google's security team.

To answer your question "How is [AppEngine] different from your project?":

* pysandbox has an import whitelist, whereas AppEngine has an import blacklist
(subprocess, socket, ... builtin modules are replaced by safe versions).
Importing a Python module written in C is forbidden.
* Importing a module in AppEngine imports all symbols, whereas pysandbox also
uses a symbol whitelist.
* AppEngine doesn't have proxies, all objects are modifiable (e.g. sys.path)

There are other differences, but I prefer to wait for the answer from Google
before telling you more :)

AppEngine sandbox and pysandbox projects are very close: most protections are
based on blacklists, whereas RestrictedPython is only based on whitelists.

--
Victor Stinner
http://www.haypocalc.com/
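Victor's first two comparison points, an import whitelist paired with a symbol whitelist, as an added Python example (this is not pysandbox's or AppEngine's code): it installs a replacement `__import__` in a minimal builtins dict, so a sandboxed program can only import modules on a constructed whitelist and only sees the listed symbols of each. The whitelist contents and the names `IMPORT_WHITELIST`, `SAFE_BUILTINS`, `run_sandboxed` and `import_is_blocked` are assumptions made for the example.

```python
import importlib
import types

# Constructed whitelist for this example (not pysandbox's real tables):
# module name -> the symbols a sandboxed program may see from it.
IMPORT_WHITELIST = {
    "math": {"sqrt", "pi", "floor"},
    "string": {"ascii_letters", "digits"},
}


def _restricted_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Replacement for builtins.__import__ that enforces both whitelists.

    The module must be on the import whitelist, and only its whitelisted
    symbols are exposed (the two points compared in the thread).
    """
    if level != 0:
        raise ImportError("relative imports are not permitted in the sandbox")
    if name not in IMPORT_WHITELIST:
        raise ImportError(f"import of {name!r} is not permitted in the sandbox")
    allowed = IMPORT_WHITELIST[name]
    # 'from mod import x' passes x in fromlist (it is None for a plain
    # 'import mod'); reject names outside the symbol whitelist up front.
    for symbol in fromlist or ():
        if symbol not in allowed:
            raise ImportError(f"{name}.{symbol} is not permitted in the sandbox")
    real_module = importlib.import_module(name)
    # Hand out a fresh module object holding only the whitelisted symbols, so
    # the sandboxed code never receives the real module object itself.
    view = types.ModuleType(name)
    for symbol in allowed:
        setattr(view, symbol, getattr(real_module, symbol))
    return view


# Minimal builtins offered to sandboxed code. CPython resolves the
# __import__ used by 'import x' / 'from x import y' from this dict.
SAFE_BUILTINS = {
    "__import__": _restricted_import,
    "len": len, "range": range, "int": int, "float": float, "str": str,
    "ImportError": ImportError, "AttributeError": AttributeError,
}


def run_sandboxed(code):
    """Run code with the restricted builtins and return its resulting globals."""
    namespace = {"__builtins__": SAFE_BUILTINS}
    exec(code, namespace)
    return {k: v for k, v in namespace.items() if k != "__builtins__"}


def import_is_blocked(code):
    """True if the snippet is rejected by the import or symbol whitelist."""
    try:
        run_sandboxed(code)
    except (ImportError, AttributeError):
        return True
    return False


if __name__ == "__main__":
    print(run_sandboxed("import math\nr = math.sqrt(16)"))
    print("import socket blocked:", import_is_blocked("import socket"))
    print("math.gcd blocked:", import_is_blocked("import math\nmath.gcd(4, 6)"))
```

Because the view handed back is a fresh module object, a sandboxed write such as `math.sqrt = ...` changes only the copy, which is the difference Victor's third point draws against AppEngine's modifiable objects. The functions placed in the copy are still the real module's own objects, with all their usual introspection attributes, which is why pysandbox wraps objects in proxies rather than copying them, and why, as Aahz says in the next message, an in-process layer like this informs the program of what it may do while the OS provides the real boundary.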
From: Aahz on
In article <mailman.330.1267292249.4577.python-list(a)python.org>,
Daniel Fetchinson <fetchinson(a)googlemail.com> wrote:
>
>I guess they also have some kind of a sandbox if they let people run
>python on their machines, I'm not sure if it's open source though.

Thing is, I'm sure that Google uses a critical backstop to any
Python-based sandbox: something like a chroot jail. The Python sandbox
is mostly there to inform you about what you can and can't do; the real
security is provided by the OS.
--
Aahz (aahz(a)pythoncraft.com) <*> http://www.pythoncraft.com/

"Many customs in this life persist because they ease friction and promote
productivity as a result of universal agreement, and whether they are
precisely the optimal choices is much less important." --Henry Spencer
From: Daniel Fetchinson on
>>I guess they also have some kind of a sandbox if they let people run
>>python on their machines, I'm not sure if it's open source though.
>
> Thing is, I'm sure that Google uses a critical backstop to any
> Python-based sandbox: something like a chroot jail. The Python sandbox
> is mostly there to inform you about what you can and can't do; the real
> security is provided by the OS.

I see, makes perfect sense. This then raises the question whether it's
important to have a 100% foolproof python sandbox without help from
the OS, or this goal is not only too ambitious but also not really a
useful one. One aspect might be that one might want to have a platform
independent way of sandboxing, perhaps.

Cheers,
Daniel


--
Psss, psss, put it down! - http://www.cafepress.com/putitdown
From: Victor Stinner on
On Sunday 28 February 2010 23:40:59, Daniel Fetchinson wrote:
> >>I guess they also have some kind of a sandbox if they let people run
> >>python on their machines, I'm not sure if it's open source though.
> >
> > Thing is, I'm sure that Google uses a critical backstop to any
> > Python-based sandbox: something like a chroot jail. The Python sandbox
> > is mostly there to inform you about what you can and can't do; the real
> > security is provided by the OS.
>
> I see, makes perfect sense. This then raises the question whether it's
> important to have a 100% foolproof python sandbox without help from
> the OS, or this goal is not only too ambitious but also not really a
> useful one.

This is just impossible :-) PHP tried that but it's too hard to write an
exhaustive blacklist because too much code has to be modified. If you require
a 100% foolproof sandbox, you have to use a sandbox between the Python
process and the OS (and not inside the Python process).

> One aspect might be that one might want to have a platform
> independent way of sandboxing, perhaps.

The problem has to be split into two parts: protect access to OS resources
(files, network, etc.) and protect access to Python objects (e.g. create a read
only view of objects injected into the sandbox).

An "OS sandbox" cannot protect objects inside the Python object. And
pysandbox cannot protect all access to OS resources (but I try to do that
:-)).

pysandbox is a possible solution to the second problem: control Python object
space.
--
Victor Stinner
http://www.haypocalc.com/
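The second half of the problem as Victor splits it, a read-only view of objects injected into the sandbox (his `sys.path` example from earlier in the thread), as an added Python example that is not pysandbox's code: a proxy that forwards reads (attributes, indexing, iteration, length) and wraps everything it returns, so the view is deep, while rejecting attribute and item writes. `SandboxConfig`, `ReadOnlyProxy`, `readonly` and `mutation_attempts` are names constructed for the example, and `SandboxConfig` is a constructed stand-in for interpreter state.

```python
class ReadOnlyError(TypeError):
    """Raised when sandboxed code tries to mutate an object through the view."""


# Values that cannot be mutated in place are handed out directly.
_IMMUTABLE = (int, float, complex, str, bytes, type(None), frozenset, range)


def readonly(obj):
    """Return a read-only view of obj; immutable values pass through unchanged."""
    if isinstance(obj, _IMMUTABLE):
        return obj
    if isinstance(obj, tuple):
        return tuple(readonly(item) for item in obj)
    return ReadOnlyProxy(obj)


class ReadOnlyProxy:
    """Forwards reads and rejects writes; reads are wrapped again, so the view is deep."""

    __slots__ = ("_target",)

    def __init__(self, target):
        object.__setattr__(self, "_target", target)

    def __getattribute__(self, name):
        # Underscore names (including _target, __dict__ and __class__) are hidden
        # so the wrapped object cannot be reached by introspecting the proxy.
        if name.startswith("_"):
            raise AttributeError(f"{name!r} is hidden by the read-only view")
        target = object.__getattribute__(self, "_target")
        return readonly(getattr(target, name))

    def __setattr__(self, name, value):
        raise ReadOnlyError(f"cannot set attribute {name!r} on a read-only view")

    def __delattr__(self, name):
        raise ReadOnlyError(f"cannot delete attribute {name!r} on a read-only view")

    def __getitem__(self, key):
        return readonly(object.__getattribute__(self, "_target")[key])

    def __setitem__(self, key, value):
        raise ReadOnlyError("cannot assign items through a read-only view")

    def __delitem__(self, key):
        raise ReadOnlyError("cannot delete items through a read-only view")

    def __len__(self):
        return len(object.__getattribute__(self, "_target"))

    def __iter__(self):
        return (readonly(item) for item in object.__getattribute__(self, "_target"))

    def __contains__(self, item):
        return item in object.__getattribute__(self, "_target")

    def __repr__(self):
        return f"<readonly {object.__getattribute__(self, '_target')!r}>"


class SandboxConfig:
    """Constructed stand-in for interpreter state injected into a sandbox."""

    def __init__(self):
        self.path = ["/usr/lib/python"]  # plays the role of sys.path
        self.debug = False


def mutation_attempts(view):
    """Try the writes a sandboxed program might make; report which were rejected."""

    def attempt(action):
        try:
            action()
        except TypeError:  # ReadOnlyError, or 'not callable' for a proxied method
            return "blocked"
        return "allowed"

    def set_attr():
        view.debug = True

    def set_item():
        view.path[0] = "/tmp/extra"

    def del_item():
        del view.path[0]

    def call_append():
        view.path.append("/tmp/extra")

    return {"setattr": attempt(set_attr), "setitem": attempt(set_item),
            "delitem": attempt(del_item), "append": attempt(call_append)}


if __name__ == "__main__":
    view = readonly(SandboxConfig())
    print(view.path[0], len(view.path), mutation_attempts(view))
```

Calls are deliberately not forwarded, so a method fetched through the proxy (a proxy of the bound method) is not callable; that blocks `append` but also harmless readers such as `index`, and supporting those would take a per-type list of read-only methods. As Victor says, this only addresses the Python object half of the problem: file and network access still needs the sandbox between the process and the OS.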
From: Victor Stinner on
On Sunday 28 February 2010 17:43:07, Victor Stinner wrote:
> Yes, Google AppEngine has its Python sandbox and the source code is
> available online. I don't know the license. I found 7 vulnerabilities in 1
> hour :-) I contacted Google's security team. (...) There are other
> differences, but I prefer to wait for the answer from
> Google before telling you more :)

Google answered me. I misunderstood AppEngine sandbox. It's not a Python
sandbox.

AppEngine sandbox is just a tool helping developers to test programs without
the "real" (OS) sandbox. Their Python sandbox *emulates* the real sandbox, and
so it's completely different from pysandbox.

--
Victor Stinner
http://www.haypocalc.com/