classification
Title: Add a sandbox in Distutils2
Type: enhancement Stage: resolved
Components: Distutils2 Versions: 3rd party
process
Status: closed Resolution: out of date
Dependencies: Superseder:
Assigned To: tarek Nosy List: eric.araujo, meatballhat, tarek, th3flyboy, vstinner
Priority: normal Keywords:

Created on 2010-05-10 22:15 by tarek, last changed 2014-03-13 10:44 by eric.araujo. This issue is now closed.

Messages (7)
msg105471 - (view) Author: Tarek Ziadé (tarek) * (Python committer) Date: 2010-05-10 22:15
Add a sandbox in distutils2, so all installation steps can be recorded or controlled.

Usage example: a dry-run mode that prevents anything to be written on the disk but just reports.

See setuptools.sandbox for example
msg105749 - (view) Author: Éric Araujo (eric.araujo) * (Python committer) Date: 2010-05-14 19:43
What kind of sandbox should that be? Best-effort, meaning it replaces some functions to provide the dry-run feature, or an iron-clad sandbox that blocks malicious code from breaking out?
msg115783 - (view) Author: Éric Araujo (eric.araujo) * (Python committer) Date: 2010-09-07 15:52
I talked a bit about that with haypo. A strong sandbox would have to intercept a number of C and Python calls to catch everything. The sandbox module in setuptools/distribute does that in 250 lines. I’m not sure it catches C code run from extension modules being built, but we could test that with haypo’s pysandbox.
msg120622 - (view) Author: th3flyboy (th3flyboy) Date: 2010-11-06 15:14
Hey, even if it's not perfect, it would be nice to at least see partial sand boxing in Python, rather than none at all. I'm working on an open source game project that uses Python, but recently the issue of security came up involving using python scripts with malicious intent or even just on accident that may cause security issues with user generated content. It would be great to be able to see even a built in sandbox that just covers python scripts, let alone calls to C/C++ code. Even if it's not perfect, some is better than none in my opinion.
msg120623 - (view) Author: Éric Araujo (eric.araujo) * (Python committer) Date: 2010-11-06 15:18
We’re saying the same thing :)  It all depends on the promise: If you’re making a best-effort sandbox, you’re trying to do the best you can, in cooperation with your users.  For a game, I think you want an iron-clad sandbox that is totally error-proof.  See https://pypi.python.org/pypi/pysandbox/1.0.3 for such a thing.
msg120624 - (view) Author: th3flyboy (th3flyboy) Date: 2010-11-06 15:21
Cool, thanks for that link, that should really help. One quick question however, do you or anyone else know if that will work under Python 3, we currently use 2, however it would be nice to be able to future proof for moving to 3.
msg120627 - (view) Author: Éric Araujo (eric.araujo) * (Python committer) Date: 2010-11-06 15:33
I think there is some py3 support in pysandbox, but I’m not sure, and this discussion is off-topic for this bug tracker.  If you don’t find anything in the links on the pysandbox page, feel free to ask on the python-list mailing list.
History
Date User Action Args
2014-03-13 10:44:33eric.araujosetstatus: open -> closed
resolution: out of date
stage: resolved
2010-11-06 15:33:11eric.araujosetmessages: + msg120627
2010-11-06 15:21:39th3flyboysetmessages: + msg120624
2010-11-06 15:18:13eric.araujosetmessages: + msg120623
2010-11-06 15:14:36th3flyboysetnosy: + th3flyboy
messages: + msg120622
2010-09-29 23:41:52eric.araujosetversions: + 3rd party, - Python 2.6, Python 2.5, Python 3.1, Python 2.7, Python 3.2
2010-09-07 15:52:19eric.araujosetnosy: + vstinner
messages: + msg115783
2010-05-14 19:43:51eric.araujosetnosy: + eric.araujo

messages: + msg105749
versions: + Python 2.6, Python 2.5, Python 3.1, Python 2.7, Python 3.2
2010-05-12 00:04:16meatballhatsetnosy: + meatballhat
2010-05-10 22:15:46tarekcreate