使用python编写模型:如何在受限python模式下运行模型? [英] Using python for writing models: How to run models in restricted python mode?
问题描述
我有一个允许多个用户编写模型的应用程序。
这些模型分布在计算引擎网格上。用户通过网络界面提交他们的模型
。我想
1.限制用户执行任何文件io,exec,import,eval等。我想b $ b想写一个插件pylint要做所有的检查吗?是
这是一个好方法,因为没有受限制的python。什么是
我应该用python代码搜索的东西
2.限制模块使用的内存量。例如
如何限制用户执行= range(10000000000)或类似的
任务,这样我的整个计算服务器场就不会出现故障。
感谢您的帮助
I have an application which allows multiple users to write models.
These models get distributed on a grid of compute engines. users submit
their models through a web interface. I want to
1. restrict the user from doing any file io, exec, import, eval, etc. I
was thinking of writing a plugin for pylint to do all the checks? Is
this is a good way given that there is no restricted python. What are
the things I should serach for in python code
2. restrict the amount of memory a module uses as well. For instance
how can I restrict a user from doing a = range(10000000000) or similar
tasks so that my whole compute farm does not come down.
Thanks for your help
推荐答案
" vinjvinj" < 6 ****** @ gmail.com>写道:
"vinjvinj" <vi******@gmail.com> writes:
1.限制用户执行任何文件io,exec,import,eval等。我想写一个pylint插件来做所有的检查吗?
这是一个很好的方法,因为没有受限制的python。什么是我应该在python代码中搜索的东西
嗯 - 我有一个受限制的python模块:rexec.py。当然,它没有正常工作,因为它并不是真的安全。 Python非常强大,并且创建一个安全的沙箱很困难 - 以至于这个任务从未完成过。
如果你想要一些能够让明显的东西无法工作的东西,那么rexec.py可能适合你 - 但是
不要自欺欺人地说它是安全的。如果你需要真正的安全性,我会考虑切换到Jython,至少有一个虚拟机,这个虚拟机可以用来构建这样的沙箱。
2.限制模块使用的内存量。例如
如何限制用户执行= range(10000000000)或类似的
任务,这样我的整个计算服务器场就不会出现故障。
1. restrict the user from doing any file io, exec, import, eval, etc. I
was thinking of writing a plugin for pylint to do all the checks? Is
this is a good way given that there is no restricted python. What are
the things I should serach for in python code
Um - I''ve got a restricted python module: rexec.py. Of course, it
doesn''t work correctly, in that it isn''t really secure. Python is very
powerful, and creating a secure sandbox is difficult - so much so that
the task has never been accomplished. If you want something that will
keep the obvious things from working, rexec.py might be for you - but
don''t kid yourself that it''s secure. If you need real security, I''d
consider switching to Jython, which at least has a VM which was
designed with building such sandboxes as a possibility.
2. restrict the amount of memory a module uses as well. For instance
how can I restrict a user from doing a = range(10000000000) or similar
tasks so that my whole compute farm does not come down.
这相当于试图限制
模块使用的CPU时间量,这更好地称为暂停问题。对此没有
算法解决方案。如果你想验证一些模块将会在执行它之前只使用这么多内存,你可以做的最好的事情就是确认它们没有做任何明显的事情。如果你想在他们运行时限制他们b
你可以获得操作系统
帮助。具体如何取决于您的要求,以及操作系统
。
< Mike
-
Mike Meyer< mw*@mired.org> http://www.mired.org/home/mwm/
独立的WWW / Perforce / FreeBSD / Unix顾问,电子邮件以获取更多信息。
This is equivalent to trying to limit the amount of CPU time the
module uses, which is better known as the halting problem. There''s no
algorithmic solution to that. If you want verify that some module will
only use so much memory before executing it, the best you can do is
verify that they don''t do anything obvious. If you want to restrict
them while they are running, you can probably get the OS to
help. Exactly how will depend on your requirements, and the OS
involved.
<Mike
--
Mike Meyer <mw*@mired.org> http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
虽然我理解2很难(如果不是不可能)到单打
unix进程。我不知道为什么1会很难做到。因为我有完全控制我可以允许或不允许在我的网格上的代码。可以
我不只是搜索某些字符串并禁止该模型如果它b / b
在某些条件下失败。它可能不是100%安全,但它不会
让我达到90%...
While I understand 2 is very hard (if not impossible) to do in single
unix process. I''m not sure why 1 would be hard to do. Since I have
complete control to what code I can allow or not allow on my grid. Can
i not just search for certain strings and disallow the model if it
fails certain conditions. It might not be 100% secure but will it not
get me at 90%...
" vinjvinj" < 6 ****** @ gmail.com>写道:
"vinjvinj" <vi******@gmail.com> writes:
虽然我理解2在单个
unix过程中非常难(如果不是不可能)。我不知道为什么1会很难做到。因为我完全控制了我可以允许或不允许在我的网格上使用的代码。可以
我不只是搜索某些字符串并且如果它在某些条件下失败则不允许该模型。它可能不是100%安全,但它不会让我达到90%......
While I understand 2 is very hard (if not impossible) to do in single
unix process. I''m not sure why 1 would be hard to do. Since I have
complete control to what code I can allow or not allow on my grid. Can
i not just search for certain strings and disallow the model if it
fails certain conditions. It might not be 100% secure but will it not
get me at 90%...
当然你可以搜索某些字符串。 Python允许你动态地构建字符串
,因此你必须搜索每种可能的方法来创建这些字符串。此外,Python为
内省提供了许多工具,这意味着有很多方法可以找到这些工具
禁止。除了提及他们的名字之外的对象。
你可以通过任何python模块获得* every * builtin函数。对于
实例,你是否会阻止他们使用常规的
rexpressions?如果没有,请考虑:
Sure you can search for certain strings. Python lets you build strings
dynamically, so you''d have to search for every possible way to create
those strings. Further, Python provides lots of tools for
introspection, meaning there are lots of ways to find these
"forbidden" objects other than mentioning their name.
You can get to *every* builtin function through any python module. For
instance, are you going to prevent them from using regular
rexpressions? If not, consider:
getattr(re,''''。join([chr(x + 1) )对于[94,94,97,116,104,107,115,104,109,114,94,94]中的x]))[''fi''+''le'']是开放的
真
getattr(re, ''''.join([chr(x + 1) for x in [94, 94, 97, 116, 104, 107, 115, 104, 109, 114, 94, 94]]))[''fi'' + ''le''] is open True
字符串搜索只能防止最明显的滥用,并且很可能
错过了只是不那么明显。如果你想到你的
" security"作为通知最终用户他们正在做某事
错误,而不是一个阻止他们这样做的工具,那么
你将拥有正确的想法。在这种情况下,我仍然建议在rexec模块中查看
。
< mike
-
Mike Meyer< mw*@mired.org> http://www.mired.org/home/mwm/
独立的WWW / Perforce / FreeBSD / Unix顾问,电子邮件以获取更多信息。
String searches only prevent the most obvious abuses, and may well
miss things that are merely not quite so obvious. If you think of your
"security" as a notice to the end user that they are doing something
wrong, as opposed to a tool that will prevent them from doing it, then
you''ll have the right idea. In which case, I''d still recommend looking
into the rexec module.
<mike
--
Mike Meyer <mw*@mired.org> http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
这篇关于使用python编写模型:如何在受限python模式下运行模型?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
