f1fac732cf
A new boolean on XModuleSystem that determines whether to allow execution of untrusted unsandboxed code.
Ned Batchelder
2013-05-02 10:50:56 -04:00
f4d84e67e1
Build the XModuleSystem anew for each test so we can fiddle with it safely.
Ned Batchelder
2013-05-02 10:15:23 -04:00
0ba4b680f9
Minor fixes of test_system in xmodule tests
Ned Batchelder
2013-05-01 16:03:28 -04:00
477fe670dd
All re-randomization has to be bucketed to get a reasonable cache hit rate.
Ned Batchelder
2013-05-01 10:08:37 -04:00
7b26c50e32
Added instructions for clearing the cache before running tests
Will Daly
2013-04-26 11:14:19 -04:00
ac660ead3e
Added load test of CustomResponse
Will Daly
2013-04-26 11:11:34 -04:00
0b2aedb4fe
Added datadog monitoring of safe_exec() time
Will Daly
2013-04-29 10:47:26 -04:00
05021377d4
Make the correct link to the codejail repo
Ned Batchelder
2013-04-30 11:51:52 -04:00
baa6b4e3e4
The cache key for safe_exec has to be hashed to keep it a reasonable size.
Ned Batchelder
2013-04-30 11:23:11 -04:00
09fbbe7bfa
Codejail is in its own repo now.
Ned Batchelder
2013-04-29 17:31:19 -04:00
adde939831
Clarify some comments in tests.
Ned Batchelder
2013-04-24 15:14:24 -04:00
726e8db13e
Add more docs
Ned Batchelder
2013-04-24 15:14:07 -04:00
fb5343237a
jail_code can execute a provided file also.
Ned Batchelder
2013-04-12 14:57:37 -04:00
9683098f3d
Python should have -E, not sure of a clean way to do it, but this at least only applies it to python.
Ned Batchelder
2013-04-10 17:53:05 -04:00
bde976dad2
Refactor code_jail to accommodate non-Python code.
Ned Batchelder
2013-04-09 17:07:57 -04:00
55e910aafc
Not sure why my branch was ahead of master for the version of distribute. Make them the same.
Ned Batchelder
2013-04-09 14:15:50 -04:00
bcdc11c3a5
Hint functions are now run in the sandbox.
Ned Batchelder
2013-04-05 16:14:11 -04:00
ed13f0a0f1
Catch up to new exception handling in responses.
Ned Batchelder
2013-04-03 09:31:57 -04:00
5e7d328e7f
Use the Django cache for sandboxed code execution.
Ned Batchelder
2013-04-01 16:33:59 -04:00
c8b908a244
capa.safe_exec can use a cache.
Ned Batchelder
2013-04-01 13:54:25 -04:00
5e8e31b2d1
Add a cache attribute to ModuleSystem
Ned Batchelder
2013-04-01 12:34:11 -04:00
ceb6cedaae
Fix merge
Ned Batchelder
2013-03-29 16:41:01 -04:00
182a1a1899
Cleanups
Ned Batchelder
2013-03-28 14:47:12 -04:00
0021b0acb3
Refactor to move assumed_imports into capa, so that code_jail is more pure.
Ned Batchelder
2013-03-28 10:03:33 -04:00
89f6ef8407
Move capa/safe_exec into its own directory, in prep for moving code here.
Ned Batchelder
2013-03-27 17:24:56 -04:00
d925604113
Clarify provenance
Ned Batchelder
2013-03-26 13:49:45 -04:00
efaa0eea03
More fixes to the merge, now all tests pass.
Ned Batchelder
2013-03-06 11:15:02 -05:00
be79810ff6
Fix one problem from the merges
Ned Batchelder
2013-03-06 10:54:09 -05:00
f62dad2f57
Added symbolic response tests
Will Daly
2013-03-05 16:31:02 -05:00
e61a6fe787
Make it possible for customresponse check functions to get extra arguments, though they need to be declared in the XML.
Ned Batchelder
2013-03-01 15:08:49 -05:00
c49b0c5027
Have to make the globals json-safe before sending them to the sandbox.
Ned Batchelder
2013-03-01 11:16:50 -05:00
7aa493ec85
A start on getting these tests to run again.
Ned Batchelder
2013-03-01 10:36:20 -05:00
283fc47a95
Jailed code importing random explicitly would get the wrong seed.
Ned Batchelder
2013-02-27 14:13:45 -05:00
f3e8d5bb7a
Didn't mean to put this in
Ned Batchelder
2013-02-27 14:04:18 -05:00
478f967af4
We would fail if a global was defined with a non-jsonable value inside a jsonable one. Now we don't/
Ned Batchelder
2013-02-27 14:01:31 -05:00
b95ea4422b
Prevent a print statement from accidentally borking the sandbox.
Ned Batchelder
2013-02-26 17:27:31 -05:00
5acb225816
Print the full traceback when execution fails.
Ned Batchelder
2013-02-26 17:03:39 -05:00
839c568474
Hmm, turns out exec wants just one dict to properly simulate Python module execution.
Ned Batchelder
2013-02-26 14:17:08 -05:00
1473fe377a
A unit test that demonstrates the problem we're having with some sandboxed code.
Ned Batchelder
2013-02-26 13:19:19 -05:00
d9df65eef0
Add some logging to codejail
Ned Batchelder
2013-02-25 16:04:59 -05:00
771de938c7
Update the instructions for setting up the sandbox.
Ned Batchelder
2013-02-25 10:48:14 -05:00
ec7a04fdb3
A /debug/run_python endpoint for staff to test the sandboxing of Python code.
Ned Batchelder
2013-02-22 13:31:31 -05:00
df17c0c7dd
Move symmath into capa so that it's available where needed
Ned Batchelder
2013-02-22 06:27:36 -05:00
67d0670b2e
Symbolic response no longer runs its checker in the Python sandbox.
Ned Batchelder
2013-02-21 17:30:08 -05:00
fe12c64523
Merge pull request #1951 from edx/victor/epfl-desc
Victor Shnayder
2013-05-06 08:34:48 -07:00
65dd3cc9ba
pull from master
Steve Strassmann
2013-05-06 11:29:55 -04:00
7b3646b39c
Need to install pre-requirements.txt first
David Baumgold
2013-05-06 11:05:06 -04:00
94f6e685df
Mock the response from the snuggletex server, and unskip the SymbolicResponse test.
Ned Batchelder
2013-02-21 17:29:44 -05:00
c04f3e09c0
Test that the sandbox can't get to the network.
Ned Batchelder
2013-02-21 15:52:37 -05:00
9dbfca129c
Check functions now can only return serializable data, and 'ex' and 'got' weren't used later anyway.
Ned Batchelder
2013-02-21 14:36:14 -05:00
070f184ee0
Not sure why these had capital-I's in them, since the text just above shows lowercase-i's, and uppercase doesn't work properly.
Ned Batchelder
2013-02-21 14:14:19 -05:00
81c4e4f74f
Make check_function more flexible so symbolicresponse can pass in more information.
Ned Batchelder
2013-02-21 14:13:30 -05:00
42eee48ec9
A few places we used an option of 'imaginaryi', which isn't a real option. Doesn't change any behavior.
Ned Batchelder
2013-02-21 13:24:32 -05:00
a40aed58d0
Clean up
Ned Batchelder
2013-02-20 17:32:07 -05:00
4fb73248ba
Try to get <symbolicresponse> test running. (Not yet)
Ned Batchelder
2013-02-20 17:31:56 -05:00
4b234a63a3
Future division is really a capa concern, not a general-purpose codejail concern. Move it.
Ned Batchelder
2013-02-20 15:29:52 -05:00
7187b10f9c
Use the python_path argument to safe_exec
Ned Batchelder
2013-02-20 15:26:24 -05:00
a04317b31d
Files are properly copied in both implementations of safe_exec, and a new python_path argument adds to the python path.
Ned Batchelder
2013-02-20 15:16:43 -05:00
abb9174559
Refactor how script chunks are run.
Ned Batchelder
2013-02-20 13:14:51 -05:00
12b6876753
safe_exec seeds the random module, and now we have tests for it.
Ned Batchelder
2013-02-20 12:41:40 -05:00
ab8a3050fd
Don't use jailpy if it hasn't been configured.
Ned Batchelder
2013-02-20 11:07:24 -05:00
d99eadc0a2
Refactor the assumed_imports handling
Ned Batchelder
2013-02-20 11:00:10 -05:00
eb85696347
Tests for safe_exec
Ned Batchelder
2013-02-20 10:59:40 -05:00
5d4b61c7f5
Better configuration for codejail.
Ned Batchelder
2013-02-19 15:47:46 -05:00
30748a06ff
Try to find the sandbox in a few places.
Ned Batchelder
2013-02-19 13:51:45 -05:00
716a97ea59
Symbolic response doesn't need to pre-import symmath any more, I think?
Ned Batchelder
2013-02-19 13:42:47 -05:00
e8da1b8f61
Turn off our debugging levers
Ned Batchelder
2013-02-19 12:43:58 -05:00
3316aeb032
Add back the not_safe_exec implementation, for debugging.
Ned Batchelder
2013-02-19 11:48:50 -05:00
ebb2624719
Make jailpy tests more convenient and informative.
Ned Batchelder
2013-02-19 11:08:09 -05:00
7c498be606
Move packages around so we can install packages into the sandbox.
Ned Batchelder
2013-02-19 11:07:11 -05:00
70930c25c1
Remove the unsafe version of safe_exec, and document the safe one.
Ned Batchelder
2013-02-15 11:58:36 -05:00
5db5426e05
Use the real safe_exec; make the seed available in the context.
Ned Batchelder
2013-02-15 10:22:21 -05:00
19e3a0ceb9
Implement safe_exec on top of jailpy (old unsafe safe_exec is still here); Remove some crazy stuff from the context; always pass globals and locals, locals are the things that can be changed.
Ned Batchelder
2013-02-14 16:06:05 -05:00
Ned Batchelder