Sandboxing

[DerekW00]

Attempt 1: Docker

def main(): 
    dockerfile_dir = os.path.expanduser('~/anaconda3/lib/python3.10/site-packages') 
    image_name = 'go_cli_sandbox' 

    def build_docker_image(): 
        try: 
            completed_process = subprocess.run(['docker', 'images', '-q', image_name],/
            stdout=subprocess.PIPE, check=True, text=True) 

            # Check if image ID is present in the output 
            if completed_process.stdout.strip(): 
                print(f"{image_name} already exists. Skipping build.") 
                return 
            except subprocess.CalledProcessError as e: 
                print(f"Error checking Docker images: {e}", file=sys.stderr) 
                sys.exit(1) 

        try: 
            subprocess.run(['docker', 'build', '-t', image_name, dockerfile_dir], check=True)
            print(f"Successfully built {image_name}") 

        except subprocess.CalledProcessError as e: 
            print(f"Error building Docker image: {e}", file=sys.stderr) 
            sys.exit(1) 

    def execute_command(cmd): 
        build_docker_image() 
            try: 
                process = subprocess.run(['docker', 'run', '--rm', image_name, 'bash', '-c', cmd],stderr=subprocess.PIPE, check=False) 
            except subprocess.CalledProcessError as e: 
                print(f"Error running command in Docker container: {e}", file=sys.stder
                sys.exit(1) 
        return str(process.returncode)

    # ... [other parts of the code] ...

Dockerfile

FROM python:3.9-slim # Install required packages 

RUN apt-get update && \ 
    apt-get install -y sudo && \ 
    apt-get install -y sudo git && \ 
    apt-get clean && \ 
    rm -rf /var/lib/apt/lists/* # Create a user with no password and no shell 

RUN useradd -m -s /usr/sbin/nologin sandboxuser # Copy the go_cli.py and any other required files to the container 

# Set the working directory 
WORKDIR /app 
COPY go_cli.py /app/go_cli.py 
COPY go_questionary /app/go_questionary 

# Install Python dependencies RUN 
pip install requests halo prompt_toolkit typing 

# Run the go_cli.py script as the entrypoint 
ENTRYPOINT ["python", "go_cli.py"]
USER sandboxuser

Attempt 2: Python virtual environment and restricted user

def main(): 
    venv_path = os.path.expanduser('~/gorilla_venv') 
    restricted_user = 'sandboxuser' # The restricted user 
    def create_virtual_environment(): 
        if os.path.exists(venv_path): 
            shutil.rmtree(venv_path) # Remove the existing virtual environment
        venv.create(venv_path, with_pip=True) 

    def install_dependencies(): 
        pip = os.path.join(venv_path, 'bin', 'pip') 
        subprocess.run([pip, 'install', 'requests', 'halo', 'prompt_toolkit', 'typing'],
                                stdout=subprocess.DEVNULL,stderr=subprocess.DEVNULL,
                                check=True) 
    def execute_command(cmd): 
        create_virtual_environment() # Create a new virtual environment 
        install_dependencies() # Install the necessary dependencies 
        python = os.path.join(venv_path, 'bin', 'python') 
        try: 
            process = subprocess.run(['sudo', '-u', restricted_user, python, '-c', cmd], check=True)
        except subprocess.CalledProcessError as e: 
            print(f"Error running command as {restricted_user}: {e}", file=sys.stderr) 
            sys.exit(1)

However, I am aware that this only provides isolation with an environment, but not python interpreter and the rest of the system.

Attempt 3: RestrictedPython package

from RestrictedPython import compile_restricted, safe_globals 

source_code = 

"""

""" 
byte_code = compile_restricted(source_code, filename='<inline code>', mode='exec') 

exec(byte_code, safe_globals)