edx-platform

Author	SHA1	Message	Date
Ned Batchelder	c49b0c5027	Have to make the globals json-safe before sending them to the sandbox.	2013-05-06 11:39:18 -04:00
Ned Batchelder	f3e8d5bb7a	Didn't mean to put this in	2013-05-06 11:39:17 -04:00
Ned Batchelder	478f967af4	We would fail if a global was defined with a non-jsonable value inside a jsonable one. Now we don't/	2013-05-06 11:39:17 -04:00
Ned Batchelder	b95ea4422b	Prevent a print statement from accidentally borking the sandbox.	2013-05-06 11:39:17 -04:00
Ned Batchelder	839c568474	Hmm, turns out exec wants just one dict to properly simulate Python module execution.	2013-05-06 11:39:17 -04:00
Ned Batchelder	1473fe377a	A unit test that demonstrates the problem we're having with some sandboxed code.	2013-05-06 11:39:17 -04:00
Ned Batchelder	d9df65eef0	Add some logging to codejail	2013-05-06 11:39:17 -04:00
Ned Batchelder	771de938c7	Update the instructions for setting up the sandbox.	2013-05-06 11:39:17 -04:00
Ned Batchelder	c04f3e09c0	Test that the sandbox can't get to the network.	2013-05-06 10:55:07 -04:00
Ned Batchelder	a40aed58d0	Clean up	2013-05-06 10:55:06 -04:00
Ned Batchelder	4b234a63a3	Future division is really a capa concern, not a general-purpose codejail concern. Move it.	2013-05-06 10:55:06 -04:00
Ned Batchelder	a04317b31d	Files are properly copied in both implementations of safe_exec, and a new python_path argument adds to the python path.	2013-05-06 10:55:06 -04:00
Ned Batchelder	ab8a3050fd	Don't use jailpy if it hasn't been configured.	2013-05-06 10:55:05 -04:00
Ned Batchelder	d99eadc0a2	Refactor the assumed_imports handling	2013-05-06 10:55:05 -04:00
Ned Batchelder	eb85696347	Tests for safe_exec	2013-05-06 10:55:05 -04:00
Ned Batchelder	5d4b61c7f5	Better configuration for codejail.	2013-05-06 10:55:05 -04:00
Ned Batchelder	30748a06ff	Try to find the sandbox in a few places.	2013-05-06 10:55:05 -04:00
Ned Batchelder	e8da1b8f61	Turn off our debugging levers	2013-05-06 10:55:05 -04:00
Ned Batchelder	3316aeb032	Add back the not_safe_exec implementation, for debugging.	2013-05-06 10:55:05 -04:00
Ned Batchelder	ebb2624719	Make jailpy tests more convenient and informative.	2013-05-06 10:55:05 -04:00
Ned Batchelder	7c498be606	Move packages around so we can install packages into the sandbox.	2013-05-06 10:55:05 -04:00
Ned Batchelder	70930c25c1	Remove the unsafe version of safe_exec, and document the safe one.	2013-05-06 10:55:04 -04:00
Ned Batchelder	5db5426e05	Use the real safe_exec; make the seed available in the context.	2013-05-06 10:55:04 -04:00
Ned Batchelder	19e3a0ceb9	Implement safe_exec on top of jailpy (old unsafe safe_exec is still here); Remove some crazy stuff from the context; always pass globals and locals, locals are the things that can be changed.	2013-05-06 10:55:04 -04:00
Ned Batchelder	33abe54e0d	Work in progress to sandbox the uses of eval in LMS.	2013-05-06 10:55:03 -04:00
Ned Batchelder	0c47f1e0b9	safe_exec can load modules for you.	2013-05-06 10:55:03 -04:00
Ned Batchelder	4bb5d14f70	Test that we can't write files	2013-05-06 10:55:03 -04:00
Ned Batchelder	6c609afdb1	LazyModule for lazily proxying module imports.	2013-05-06 10:55:03 -04:00
Ned Batchelder	17f9e4b27d	A turd left over from a test	2013-05-06 10:55:03 -04:00
Ned Batchelder	f8c5305352	Add some malware tests	2013-05-06 10:55:02 -04:00
Ned Batchelder	a9979b8aae	Killing processes isn't working.	2013-05-06 10:55:02 -04:00
Ned Batchelder	70c37130ac	A codejail package to run code securely.	2013-05-06 10:55:02 -04:00

32 Commits