Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
19,654 Commits 1 Branch 0 Tags
bff94de284fa58da2cedfaa657f4d5228bf89093
Commit Graph

5216 Commits

Author SHA1 Message Date
Ned Batchelder
839c568474 Hmm, turns out exec wants just one dict to properly simulate Python module execution. 2013-05-06 11:39:17 -04:00
Ned Batchelder
1473fe377a A unit test that demonstrates the problem we're having with some sandboxed code. 2013-05-06 11:39:17 -04:00
Ned Batchelder
d9df65eef0 Add some logging to codejail 2013-05-06 11:39:17 -04:00
Ned Batchelder
771de938c7 Update the instructions for setting up the sandbox. 2013-05-06 11:39:17 -04:00
Ned Batchelder
df17c0c7dd Move symmath into capa so that it's available where needed 2013-05-06 11:39:17 -04:00
Ned Batchelder
67d0670b2e Symbolic response no longer runs its checker in the Python sandbox. 2013-05-06 11:39:16 -04:00
Ned Batchelder
94f6e685df Mock the response from the snuggletex server, and unskip the SymbolicResponse test. 2013-05-06 10:55:07 -04:00
Ned Batchelder
c04f3e09c0 Test that the sandbox can't get to the network. 2013-05-06 10:55:07 -04:00
Ned Batchelder
9dbfca129c Check functions now can only return serializable data, and 'ex' and 'got' weren't used later anyway. 2013-05-06 10:55:07 -04:00
Ned Batchelder
070f184ee0 Not sure why these had capital-I's in them, since the text just above shows lowercase-i's, and uppercase doesn't work properly. 2013-05-06 10:55:06 -04:00
Ned Batchelder
81c4e4f74f Make check_function more flexible so symbolicresponse can pass in more information. 2013-05-06 10:55:06 -04:00
Ned Batchelder
42eee48ec9 A few places we used an option of 'imaginaryi', which isn't a real option. Doesn't change any behavior. 2013-05-06 10:55:06 -04:00
Ned Batchelder
a40aed58d0 Clean up 2013-05-06 10:55:06 -04:00
Ned Batchelder
4fb73248ba Try to get <symbolicresponse> test running. (Not yet) 2013-05-06 10:55:06 -04:00
Ned Batchelder
4b234a63a3 Future division is really a capa concern, not a general-purpose codejail concern. Move it. 2013-05-06 10:55:06 -04:00
Ned Batchelder
7187b10f9c Use the python_path argument to safe_exec 2013-05-06 10:55:06 -04:00
Ned Batchelder
a04317b31d Files are properly copied in both implementations of safe_exec, and a new python_path argument adds to the python path. 2013-05-06 10:55:06 -04:00
Ned Batchelder
abb9174559 Refactor how script chunks are run. 2013-05-06 10:55:06 -04:00
Ned Batchelder
12b6876753 safe_exec seeds the random module, and now we have tests for it. 2013-05-06 10:55:06 -04:00
Ned Batchelder
ab8a3050fd Don't use jailpy if it hasn't been configured. 2013-05-06 10:55:05 -04:00
Ned Batchelder
d99eadc0a2 Refactor the assumed_imports handling 2013-05-06 10:55:05 -04:00
Ned Batchelder
eb85696347 Tests for safe_exec 2013-05-06 10:55:05 -04:00
Ned Batchelder
5d4b61c7f5 Better configuration for codejail. 2013-05-06 10:55:05 -04:00
Ned Batchelder
30748a06ff Try to find the sandbox in a few places. 2013-05-06 10:55:05 -04:00
Ned Batchelder
716a97ea59 Symbolic response doesn't need to pre-import symmath any more, I think? 2013-05-06 10:55:05 -04:00
Ned Batchelder
e8da1b8f61 Turn off our debugging levers 2013-05-06 10:55:05 -04:00
Ned Batchelder
3316aeb032 Add back the not_safe_exec implementation, for debugging. 2013-05-06 10:55:05 -04:00
Ned Batchelder
ebb2624719 Make jailpy tests more convenient and informative. 2013-05-06 10:55:05 -04:00
Ned Batchelder
7c498be606 Move packages around so we can install packages into the sandbox. 2013-05-06 10:55:05 -04:00
Ned Batchelder
70930c25c1 Remove the unsafe version of safe_exec, and document the safe one. 2013-05-06 10:55:04 -04:00
Ned Batchelder
5db5426e05 Use the real safe_exec; make the seed available in the context. 2013-05-06 10:55:04 -04:00
Ned Batchelder
19e3a0ceb9 Implement safe_exec on top of jailpy (old unsafe safe_exec is still here); Remove some crazy stuff from the context; always pass globals and locals, locals are the things that can be changed. 2013-05-06 10:55:04 -04:00
Ned Batchelder
908f44b9cd snippets aren't used. Remove them. 2013-05-06 10:55:04 -04:00
Ned Batchelder
248017b4ea No longer need to support <coderesponse> without <codeparam>, so scrap the code. 2013-05-06 10:55:04 -04:00
Ned Batchelder
a6677aa0a8 Computed answers are run through safe_exec. 2013-05-06 10:55:04 -04:00
Ned Batchelder
37ca6bf77e Move our specialization of safe_exec into a new module to avoid circular imports. 2013-05-06 10:55:04 -04:00
Ned Batchelder
33abe54e0d Work in progress to sandbox the uses of eval in LMS. 2013-05-06 10:55:03 -04:00
Ned Batchelder
0c47f1e0b9 safe_exec can load modules for you. 2013-05-06 10:55:03 -04:00
Ned Batchelder
4bb5d14f70 Test that we can't write files 2013-05-06 10:55:03 -04:00
Ned Batchelder
6c609afdb1 LazyModule for lazily proxying module imports. 2013-05-06 10:55:03 -04:00
Ned Batchelder
17f9e4b27d A turd left over from a test 2013-05-06 10:55:03 -04:00
Ned Batchelder
f8c5305352 Add some malware tests 2013-05-06 10:55:02 -04:00
Ned Batchelder
a9979b8aae Killing processes isn't working. 2013-05-06 10:55:02 -04:00
Ned Batchelder
70c37130ac A codejail package to run code securely. 2013-05-06 10:55:02 -04:00
cahrens
e44c6b6bf8 Don't reach in to default value. 2013-05-03 17:05:02 -04:00
cahrens
32d67be5f5 Get rid of _computed_default. 2013-05-03 16:42:41 -04:00
Sarina
72584b5937 Merge pull request #1914 from edx/fix/sarina/new_formularesponse_defaults 
Fix/sarina/new formularesponse defaults
 2013-05-03 12:32:10 -07:00
cahrens
5c3719b915 Get HTML LaTeX "working" again. 2013-05-03 15:31:18 -04:00
cahrens
9dd074f25b Cleanup. 2013-05-03 15:09:02 -04:00
cahrens
37d594ce37 Get rid of non-editable scope. 2013-05-03 14:58:33 -04:00