Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

python execute security #611

Open
Irev-Dev opened this issue Jul 17, 2022 · 4 comments
Open

python execute security #611

Irev-Dev opened this issue Jul 17, 2022 · 4 comments

Comments

@Irev-Dev
Copy link
Owner

Irev-Dev commented Jul 17, 2022
edited
Loading

Python execute has been disabled for the time being.

Since python is a general purpose language getting security right is trick, the way it currently runs it would be possible to grab some aws credentials, as well as other things like crypto mining, the 30s execute limit does help but does not fix the problem.

Much more robust tracing and limits are needed before enabling this feature again.
@Irev-Dev Irev-Dev changed the title placeholder python execute security Jul 30, 2022
@jdegenstein
Copy link

Just doing some quick research on how to secure python execution and thought I would leave this here for consideration:

https://github.com/zopefoundation/RestrictedPython

@Irev-Dev
Copy link
Owner Author

Irev-Dev commented Aug 6, 2022

Thanks @jdegenstein

@42sol-eu
Copy link

42sol-eu commented Dec 8, 2022

Anything new on that?

@notthewave
Copy link

What about using web assembly? I am certainly not an expert when it comes to web development but it might work for this use case:
https://webassembly.org/docs/security/
https://github.com/pyodide/pyodide

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jdegenstein @42sol-eu @Irev-Dev @notthewave