search

langgenius / dify-sandbox

A lightweight, fast, and secure code execution environment that supports multiple programming languages
https://docs.dify.ai/development/backend/sandbox
Apache License 2.0
434 stars 97 forks source link

refactor: Fix sandbox escape by disabling the preload parameter. #96

Closed hexian2001 closed 1 month ago

hexian2001 commented 1 month ago

What i modified:

  1. modified: conf/config.yaml

    • Added enable_preload configuration with a default value of False for security purposes.

  2. modified: internal/types/config.go

    • Updated the configuration structure to include the EnablePreload parameter.

  3. modified: internal/service/nodejs.go

    • Added logic to retrieve the EnablePreload setting from the configuration. If EnablePreload is disabled, the preload field is set to an empty string.

  4. modified: internal/service/python.go

    • Added logic to retrieve the EnablePreload setting from the configuration. If EnablePreload is disabled, the preload field is set to an empty string.

Summarize:

  1. After making the modifications and running compilation tests, the command injection attack has been successfully prevented.
  2. After discussing with the project maintainer, it was concluded that this parameter is theoretically deprecated. Therefore, it is disabled by default and will not be updated through environment variables. Currently, disabling the preload parameter does not negatively impact other functionalities.
Yeuoly commented 1 month ago

pls rebase to main branch as you could get passed by CI tests.