For to offer interactive examples about data analysis, I'd like to embed an interactive python shell. It does not necessarily have to be a real Python shell. Users shall be given tasks that they can execute in the shell. This is similar to existing tutorials, as seen on, e.g., http://www.codecademy.org, but I'd like to work with libraries that those solutions do not offer, as far as I understood.
为了提供有关数据分析的交互式示例,我想嵌入一个交互式python shell。它不一定是真正的Python shell。应为用户提供可在shell中执行的任务。这类似于现有的教程,例如http://www.codecademy.org,但我想与那些解决方案不提供的库一起工作,据我所知。
In order to get a real shell on the website, I think of two approaches:
为了在网站上获得真正的shell,我想到了两种方法:
-
I found projects like http://www.repl.it, but it seems rather difficult to include the necessary libraries like SciPy, NumPy, and Pandas. In addition, user input has to be validated and I'm not sure whether that works with those shells I found.
我找到了像http://www.repl.it这样的项目,但似乎很难包含必要的库,如SciPy,NumPy和Pandas。此外,必须验证用户输入,我不确定这是否适用于我找到的那些shell。
-
I could pipe the commands through a web applications to a Python installation on my server, but I'm scared of using
eval()on foreign, arbitrary code. Is there a safe mode for Python? I found http://www.pypy.org. Although they offer a Python sandbox, unfortunately, they do not support the libraries I need.我可以通过Web应用程序将命令传递到我的服务器上的Python安装,但是我害怕在外来的任意代码上使用eval()。 Python有安全模式吗?我找到了http://www.pypy.org。虽然它们提供了Python沙箱,但不幸的是,它们不支持我需要的库。
-
Alternatively, I thought of just embedding a "fake shell", which I build to copy the behaviour of the functions that I want to explain. Of course, this would result in more work, as I would have to write a fake interface, but for now it seems to be the only possibility.
或者,我想到只是嵌入一个“假shell”,我构建它来复制我想要解释的函数的行为。当然,这会导致更多的工作,因为我必须编写一个虚假的界面,但现在它似乎是唯一的可能性。
I hope that this question is not too generic; I'm looking for either a good HTML/JS library that helps me put a fake shell on my website or a library/service/software that can embed a real Python shell with the required modules installed.
我希望这个问题不太通用;我正在寻找一个好的HTML / JS库来帮助我在我的网站上放置一个假的shell,或者一个库/服务/软件,它可以嵌入一个安装了所需模块的真正的Python shell。
2 个解决方案
#1
4
There is no way to run untrusted Python safely; Python's dynamic nature allows for too many ways to break through any protective layers you could care to think of.
没有办法安全地运行不受信任的Python; Python的动态特性允许有太多方法来突破您可能想到的任何保护层。
Instead, run each session on a new virtual machine, properly locked down (firewalled, unprivileged user), which you shut down after a hard time limit. New sessions get a new, clean virtual machine.
相反,在新虚拟机上运行每个会话,正确锁定(防火墙,非特权用户),您在困难时间限制后关闭。新会话获得一个新的,干净的虚拟机。
This isolates you from any malicious code that might run and try to break out of a sandbox; a good virtual machine is hardware-isolated by the processor from the host OS, something a Python-only layer could never achieve.
这可以隔离任何可能运行并试图突破沙箱的恶意代码;一个好的虚拟机由处理器从主机操作系统硬件隔离,这是Python专用层永远无法实现的。
#2
3
This process is sometimes called sandboxing. You can find some good information on the python wiki
此过程有时称为沙盒。你可以在python wiki上找到一些很好的信息
There are basically three options available:
基本上有三种选择:
- machine-level mechanisms (such as a VM, as Martijn Pieters suggested)
- 机器级机制(如VM,如Martijn Pieters建议的那样)
- OS-level mechanisms (such as a chroot or SELinux)
- 操作系统级机制(如chroot或SELinux)
- custom interpreters, such as pypy (which has sandboxing capabilities, as you mentioned), or Jython, where you may be able to use the Java security manager or applet mechanisms.
- 自定义解释器,例如pypy(具有沙箱功能,如您所述)或Jython,您可以在其中使用Java安全管理器或applet机制。
You may also want to check Restricted Python, which is especially useful for very restricted environments, but security will depend on its configuration.
您可能还需要检查Restricted Python,这对于非常有限的环境特别有用,但安全性取决于其配置。
Ultimately, your choice of solution will depend on what you want to restrict:
最终,您选择的解决方案将取决于您想要限制的内容:
- Filesystem access? Block everything, or allow certain directories?
- 文件系统访问?阻止一切,或允许某些目录?
- Network access, such as sockets?
- 网络访问,如套接字?
- Arbitrary system calls?
- 任意系统调用?
#1
4
There is no way to run untrusted Python safely; Python's dynamic nature allows for too many ways to break through any protective layers you could care to think of.
没有办法安全地运行不受信任的Python; Python的动态特性允许有太多方法来突破您可能想到的任何保护层。
Instead, run each session on a new virtual machine, properly locked down (firewalled, unprivileged user), which you shut down after a hard time limit. New sessions get a new, clean virtual machine.
相反,在新虚拟机上运行每个会话,正确锁定(防火墙,非特权用户),您在困难时间限制后关闭。新会话获得一个新的,干净的虚拟机。
This isolates you from any malicious code that might run and try to break out of a sandbox; a good virtual machine is hardware-isolated by the processor from the host OS, something a Python-only layer could never achieve.
这可以隔离任何可能运行并试图突破沙箱的恶意代码;一个好的虚拟机由处理器从主机操作系统硬件隔离,这是Python专用层永远无法实现的。
#2
3
This process is sometimes called sandboxing. You can find some good information on the python wiki
此过程有时称为沙盒。你可以在python wiki上找到一些很好的信息
There are basically three options available:
基本上有三种选择:
- machine-level mechanisms (such as a VM, as Martijn Pieters suggested)
- 机器级机制(如VM,如Martijn Pieters建议的那样)
- OS-level mechanisms (such as a chroot or SELinux)
- 操作系统级机制(如chroot或SELinux)
- custom interpreters, such as pypy (which has sandboxing capabilities, as you mentioned), or Jython, where you may be able to use the Java security manager or applet mechanisms.
- 自定义解释器,例如pypy(具有沙箱功能,如您所述)或Jython,您可以在其中使用Java安全管理器或applet机制。
You may also want to check Restricted Python, which is especially useful for very restricted environments, but security will depend on its configuration.
您可能还需要检查Restricted Python,这对于非常有限的环境特别有用,但安全性取决于其配置。
Ultimately, your choice of solution will depend on what you want to restrict:
最终,您选择的解决方案将取决于您想要限制的内容:
- Filesystem access? Block everything, or allow certain directories?
- 文件系统访问?阻止一切,或允许某些目录?
- Network access, such as sockets?
- 网络访问,如套接字?
- Arbitrary system calls?
- 任意系统调用?