UserCodeService.is_execution_allowed() allows invalid output policy execution

[kevinm207]

Description

The UserCodeService.is_execution_allowed() method contains a logic error that causes it to ignore the boolean return value from output_policy.is_valid(). This results in execution being allowed even when the output policy should deny it.

Current Behavior

The method uses a try/except block but only checks for exceptions raised by output_policy.is_valid():

• Exception is raised → returns IsExecutionAllowedEnum.INVALID_OUTPUT_POLICY
• No exception is raised → always returns IsExecutionAllowedEnum.ALLOWED

The boolean return value from is_valid() is ignored.

Code Reference:

PySyft/packages/syft/src/syft/service/code/user_code_service.py

Lines 359 to 364 in 73901fe

	try:
	output_policy.is_valid(context)
	except Exception:
	return IsExecutionAllowedEnum.INVALID_OUTPUT_POLICY
	return IsExecutionAllowedEnum.ALLOWED

Expected Behavior

Based on the method signatures of OutputPolicy classes, the implementation should:

1. Call output_policy.is_valid() and capture its boolean return value
2. Return IsExecutionAllowedEnum.ALLOWED only if is_valid() returns True
3. Return IsExecutionAllowedEnum.INVALID_OUTPUT_POLICY if is_valid() returns False OR raises an exception (e.g., NotImplementedError)

Impact

This bug allows policy violations, including multiple executions of SingleExecutionExactOutput which run without the server returning cached ExecutionOutput values to the client in violation of the intended policy control that should limit execution to a single run

Suggested Fix

Modify the method to check the boolean return value:

try:
    is_valid = output_policy.is_valid()
    if not is_valid:
        return IsExecutionAllowedEnum.INVALID_OUTPUT_POLICY
    return IsExecutionAllowedEnum.ALLOWED
except Exception:
    return IsExecutionAllowedEnum.INVALID_OUTPUT_POLICY

[rachanadutta]

Hi!
I’m new to the codebase and started exploring this area recently.
I went through this issue and it looks like the return value of output_policy.is_valid() is currently ignored and only exceptions are handled.

I’d like to try working on this fix if it’s okay. Please let me know if I should proceed.
Thanks!

[aazeeem11]

Hi @kevinm207, I attempted to reproduce this issue on Windows 11 using Python 3.10.

I found that installing from within a Jupyter cell (!pip install syft) causes a crash if pyzmq needs to be updated. Since the running Jupyter kernel holds a lock on the pyzmq DLLs, Windows throws an Access is denied error, breaking the installation.

Error Log: