pysandbox
WARNING: pysandbox is BROKEN BY DESIGN, please move to a new sandboxing solution (run python in a sandbox, not the opposite!)
The failure of pysandbox [LWN.net]
I want to test student submissions in a save environment. That's the reason why I use pysandbox. For testing the student submission I want to use doctest and unittest.
Here is the studentSubmission.py
def factorial(n):
import math
if not n >= 0:
raise ValueError("n must be >= 0")
if math.floor(n) != n:
raise ValueError("n must be exact integer")
if n+1 == n: # catch a value like 1e300
raise OverflowError("n too large")
resulto = 1
factor = 2
while factor <= n:
resulto *= factor
factor += 1
return resulto
Here is a regular unittest by a possible tutor: tutor_tester.py
import unittest
from studentSubmission import factorial
class TestSequenceFunctions(unittest.TestCase):
def test_equal(self):
res = factorial(4)
self.assertEqual(res, 24)
def test_error(self):
self.assertRaises(ValueError, factorial, -1)
if __name__ == '__main__':
unittest.main()
And now the script for the sandbox: sandbox_test.py
import os
from sandbox import Sandbox, SandboxConfig
#sandbox config
sandbox = Sandbox(SandboxConfig('traceback','math','stdout','stderr','exit' ))
sandbox.config.allowModule('unittest','student_submission')
fo = open("./tutor_tester.py", "r")
code = fo.read();
fo.close()
sandbox.execute(code)
When I run this on my ubuntu lts 12.04.3 with Python 2.7.3 version and the latest Pysandbox. Running sandbox_test.py I got following error:
Traceback (most recent call last):
File "sandbox_test.py", line 17, in <module>
sandbox.execute(code)
File "/usr/local/lib/python2.7/dist-packages/sandbox/sandbox_class.py", line 97, in execute
return self.execute_subprocess(self, code, globals, locals)
File "/usr/local/lib/python2.7/dist-packages/sandbox/subprocess_parent.py", line 185, in execute_subprocess
raise output_data['error']
ImportError: Import "result" blocked by the sandbox
When I try doctest : doctest_sandbox.py
def testing():
"""testing student
>>> from studentSubmission import factorial
>>> [factorial(n) for n in range(6)]
[1, 1, 2, 6, 24, 120]
>>> [factorial(long(n)) for n in range(6)]
[1, 1, 2, 6, 24, 120]
>>> factorial(30)
265252859812191058636308480000000L
>>> factorial(-1)
Traceback (most recent call last):
...
ValueError: n must be >= 0
"""
if __name__ == "__main__":
import doctest
from sandbox import Sandbox, SandboxConfig
sandbox = Sandbox(SandboxConfig('math','stdout','stderr','exit' ))
sandbox.config.allowModule('studentSubmission')
sandbox.execute(doctest.testmod())
Doctest worked quite well, but also in the end the sandbox gave me an error:
python doctest_sandbox.py -v
Trying:
from studentSubmission import factorial
Expecting nothing
ok
Trying:
[factorial(n) for n in range(6)]
Expecting:
[1, 1, 2, 6, 24, 120]
ok
Trying:
[factorial(long(n)) for n in range(6)]
Expecting:
[1, 1, 2, 6, 24, 120]
ok
Trying:
factorial(30)
Expecting:
265252859812191058636308480000000L
ok
Trying:
factorial(-1)
Expecting:
Traceback (most recent call last):
...
ValueError: n must be >= 0
ok
1 items had no tests:
__main__
1 items passed all tests:
5 tests in __main__.testing
5 tests in 2 items.
5 passed and 0 failed.
Test passed.
Traceback (most recent call last):
File "doctest_sandbox.py", line 21, in <module>
sandbox.execute(doctest.testmod())
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/sandbox/sandbox_class.py", line 97, in execute
return self.execute_subprocess(self, code, globals, locals)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/sandbox/subprocess_parent.py", line 185, in execute_subprocess
raise output_data['error']
TypeError: exec: arg 1 must be a string, file, or code object
Thanks for your help;)
Source: (StackOverflow)
I am using the sample2.py listed here https://github.com/openjudge/sandbox as a wrapper to call the sandbox libraries (aka. libsandbox && pysandbox).
Following is my C++ Code
#include <stdio.h>
int main(){
return 0;
}
The result when i run the sample2.py is
result: RF
cpu: 2ms
mem: 288kB
Can anyone tell me what are the changes i have to do to the wrapper to make this work ?
Source: (StackOverflow)
I have some problems installing libsandbox and pysandbox. I've tried with binary and source packages but no. It seems to do OK but, when I run:
from sandbox import *
it displays
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python2.7/dist-packages/sandbox/__init__.py", line 57, in <module>
from . import _sandbox
ImportError: /usr/local/lib/python2.7/dist-packages/sandbox/_sandbox.so: wrong ELF class: ELFCLASS32
How can I make it work? I'm running on Linux 64-bit.
Source: (StackOverflow)
I want to build an online Python shell like this. Currently I am trying to build a module
in Python which does the following things
- Creates a new session.
- Runs a code passed as string keeping and maintains the environment variables of the current session.
I am trying to achieve this using Pysandbox. Here is my effort till now
from sandbox import Sandbox, SandboxConfig
from optparse import OptionParser
import sys,traceback
class Runner:
def __init__(self):
self.options = self.parseOptions()
self.sandbox = Sandbox(self.createConfig())
self.localvars = dict()
def parseOptions(self):
parser = OptionParser(usage="%prog [options]")
SandboxConfig.createOptparseOptions(parser, default_timeout=None)
parser.add_option("--debug",
help="Debug mode",
action="store_true", default=False)
parser.add_option("--verbose", "-v",
help="Verbose mode",
action="store_true", default=False)
parser.add_option("--quiet", "-q",
help="Quiet mode",
action="store_true", default=False)
options, argv = parser.parse_args()
if argv:
parser.print_help()
exit(1)
if options.quiet:
options.verbose = False
return options
def createConfig(self):
config = SandboxConfig.fromOptparseOptions(self.options)
config.enable('traceback')
config.enable('stdin')
config.enable('stdout')
config.enable('stderr')
config.enable('exit')
config.enable('site')
config.enable('encodings')
config._builtins_whitelist.add('compile')
config.allowModuleSourceCode('code')
config.allowModule('sys',
'api_version', 'version', 'hexversion')
config.allowSafeModule('sys', 'version_info')
if self.options.debug:
config.allowModule('sys', '_getframe')
config.allowSafeModule('_sandbox', '_test_crash')
config.allowModuleSourceCode('sandbox')
if not config.cpython_restricted:
config.allowPath(__file__)
return config
def Run(self,code):
# log and compile the statement up front
try:
#logging.info('Compiling and evaluating:\n%s' % statement)
compiled = compile(code, '<string>', 'single')
except:
traceback.print_exc(file=sys.stdout)
return
try:
self.sandbox.execute(code)
except:
traceback.print_exc(file=sys.stdout)
def f():
f = open('test.py')
code = ''
for lines in f:
code = code+lines
runner = Runner()
runner.Run('a = 5')
runner.Run('b = 5')
runner.Run('print a+b')
f()
I am encountering 3 major problems.
How to nicely display error? For example, running the above code results in following output
File "execute.py", line 60, in Run
self.sandbox.execute(code)
File "/home/aaa/aaa/aaa/pysandbox-master/sandbox/sandbox_class.py", line 90, in execute
return self.execute_subprocess(self, code, globals, locals)
File "/home/aaa/aaa/aaa/pysandbox-master/sandbox/subprocess_parent.py", line 119, in execute_subprocess
raise output_data['error']
NameError: name 'a' is not defined
The undesirable thing here is the call traceback of "execute.py". I just want the function to return the following error.
NameError: name 'a' is not defined
How do I maintain the environment of the current session? For example, in the above code sequence
a = 5
b = 5
print a+b
should result in output 10.
Any ideas?
Source: (StackOverflow)
I have installed pysandbox 1.5.1 and libsandbox 0.3.5
After typing these commands(given in libsandbox github), i am getting errors.
Can someone please explain the reason?
from sandbox import *
s=Sandbox(['/foo/bar.exe','arg1','arg2'])
s.run()
Traceback (most recent call last):
File "stdin", line 1, in module
AttributeError: Sandbox instance has no attribute 'run'
s.probe()
Traceback (most recent call last):
File "stdin", line 1, in module
AttributeError: Sandbox instance has no attribute 'probe'
Thanks in advance
Source: (StackOverflow)
My problem is exactly same as here and here.
I am also using simple2.py for sandboxing the executable produced by this program test1.c:
#include<stdio.h>
int main(){
puts("Hello World");
return 0;
}
I am using the following command to build the executable:
gcc -static test1.c
After this if I do:
ldd a.out
I am getting the output:
not a dynamic executable
However, The result when I run the sample2.py still is
result: RF
cpu: 0ms
mem: 952kB
What exactly am I doing wrong?
Source: (StackOverflow)
I want to use pysandbox to allow users to run code on my server. I'm using Django's internal server (manage.py runserver) with this request handler:
def try_sandbox(request):
from sandbox import Sandbox
def func(a, b):
return a + b
sandbox = Sandbox()
result = sandbox.call(func, 1, 2)
return HttpResponse(result)
When accessing the page I get a ValueError:
Request Method: GET
Exception Type: ValueError
Exception Value: signal only works in main thread
Exception Location: /Library/Python/2.7/site-packages/sandbox/timeout.py in limitedTime, line 45
Python Executable: /usr/bin/python
Traceback:
Django Version: 1.3.1
Python Version: 2.7.1
File "[...]views.py" in try_sandbox
77. result = sandbox.call(func, 1, 2)
File "/Library/Python/2.7/site-packages/sandbox/sandbox_class.py" in call
44. return self._call(func, args, kw)
File "/Library/Python/2.7/site-packages/sandbox/sandbox_class.py" in _call
31. return limitedTime(timeout, func, *args, **kw)
File "/Library/Python/2.7/site-packages/sandbox/timeout.py" in limitedTime
45. old_alarm = signal(SIGALRM, signalHandler)
Is it possible to use pysandbox in this environment?
(I'm think I'm using pysandbox 1.1 - that's what the version.py in the download says. The download folder says 1.0.1. I'm running Mac OS 10.7.2.)
Source: (StackOverflow)
I have bunch of python-projects with untrusted WSGI-apps inside them. I need to run them simulatiously and safely. So I need restrictions for directory access, python module usage and limitations for CPU and Memory.
I consider two approaches:
Import via imp-module WSGI-object from defined file, and running it with pysandbox. Now I have SandboxError: Read only object when doing:
self.config = SandboxConfig('stdout')
self.sandbox = Sandbox(self.config)
self.s = imp.get_suffixes()
wsgi_obj = imp.load_module("run", open(path+"/run.py", "r"), path, self.s[2]).app
…
return self.sandbox.call(wsgi_obj, environ, start_response)
Modify Python interpreter, exclude potentially risky modules, run in parallel processes, communicate via ZMQ/Unix sockets. I even don't know where to start here.
What could you recommend?
Source: (StackOverflow)