Re: [IronPython] Safe execution of python scripts on my .net application

Fri, 06 Nov 2009 00:35:27 -0800 

Hi,

On Fri, Nov 6, 2009 at 1:07 AM, Dino Viehland <di...@microsoft.com> wrote:

>  So you’ve run this as a standalone program and it’s failing?  In the
> standalone app are all of the IronPython and DLR DLLs present
> (IronPython.dll, IronPython.modules.dll, Microsoft.Scripting.Core.dll,
> Microsoft.Scripting.dll, Microsoft.Dynamic.dll and
> Micrsoft.Scripting.Extensionattribute.dll)?
>
Yes I have all this dlls present.

>
>
> A slightly modified version of this, dropping the strong name, works just
> fine for me:
>
>
>
> using System;
>
> using Microsoft.Scripting;
>
> using Microsoft.Scripting.Hosting;
>
> using IronPython.Hosting;
>
> using System.Security;
>
> using System.Security.Permissions;
>
>
>
> class Test {
>
>     public static void Main(string[] args) {
>
>
>
>         PermissionSet aRestrictedPermissionSet = new
> PermissionSet(PermissionState.None);
>
>         aRestrictedPermissionSet.AddPermission(new
> SecurityPermission(SecurityPermissionFlag.Execution));
>
>
>
>         AppDomainSetup domaininfo = new AppDomainSetup();
>
>         domaininfo.ApplicationBase = System.Environment.CurrentDirectory;
>
>
>
>         AppDomain aSandboxedDomain = AppDomain.CreateDomain("Sandboxed
> Domain",
>
>                   AppDomain.CurrentDomain.Evidence,
>
>                   domaininfo,
>
>                   aRestrictedPermissionSet);
>
>
>
>         ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);
>
>         ScriptSource source = engine.CreateScriptSourceFromString("2+2");
>
>         ScriptScope scope = engine.CreateScope();
>
>         Console.WriteLine(source.Execute(scope));
>
>
>
>     }
>
> }
>

Great, I will try this after university. Thanks!

> Compile with:
>
>
>
> csc test.cs /r:Microsoft.Scripting.Core.dll /r:Microsoft.Scripting.dll
> /r:IronPython.dll
>
>
>
> And run and it prints 4.  Does that not work for you?
>
>
>
> We also have a different way we do this in our test suite which also works:
>
>
>
>             AppDomainSetup info = new AppDomainSetup();
>
>             info.ApplicationBase = AppDomain.CurrentDomain.BaseDirectory;
>
>             info.ApplicationName = "Test";
>
>             Evidence evidence = new Evidence();
>
>             evidence.AddHost(new Zone(SecurityZone.Internet));
>
>             AppDomain newDomain = AppDomain.CreateDomain("test", evidence,
> info);
>
>
>
>             // create runtime in partial trust...
>
>             ScriptRuntime runtime = Python.CreateRuntime(newDomain);
>
>
>
>             // get the Python engine...
>
>             ScriptEngine engine = runtime.GetEngine("py");
>

This make sense too, I will try it. Thanks again.

>
>
>
>
> *From:* users-boun...@lists.ironpython.com [mailto:
> users-boun...@lists.ironpython.com] *On Behalf Of *Nicolás Buttarelli
> *Sent:* Thursday, November 05, 2009 11:18 AM
>
> *To:* Discussion of IronPython
> *Subject:* Re: [IronPython] Safe execution of python scripts on my .net
> application
>
>
>
> Again, thanks everyone for your help.
>
>
>
> But.. I bring bad news. This is still not working and it doesn't depend on
> the Test environment.
>
>
>
> I create another proyect, a Form project, with one button which executes
> the following code:
>
>
>
>  // Creating the permission set to grant other assemblies
>
> PermissionSet aRestrictedPermissionSet = new
> PermissionSet(PermissionState.None);
>
> aRestrictedPermissionSet.AddPermission(new
> SecurityPermission(SecurityPermissionFlag.Execution));
>
>
>
> AppDomainSetup domaininfo = new AppDomainSetup();
>
> domaininfo.ApplicationBase = System.Environment.CurrentDirectory;
>
>
>
> List<StrongName> strongNameList = new List<StrongName>();
>
> strongNameList.Add(CreateStrongName(Assembly.GetExecutingAssembly()));
>
>
>
> AppDomain aSandboxedDomain = AppDomain.CreateDomain("Sandboxed Domain",
>
>
>                AppDomain.CurrentDomain.Evidence,
>
>
>                domaininfo,
>
>
>                aRestrictedPermissionSet,
>
>
>                strongNameList.ToArray<StrongName>());
>
>
>
> ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);
>
> ScriptSource source = engine.CreateScriptSourceFromString(pythonScript);
>
> ScriptScope scope = engine.CreateScope();
>
> source.Execute(scope);
>
>
>
> It throws this error:
>
> Type is not resolved for member
> 'Microsoft.Scripting.Hosting.ScriptRuntimeSetup,Microsoft.Scripting,
> Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.
>
>
>
> I used the fuslogvw application to see if the Microsoft.Scripting is
> loaded, an it is.
>
>
>
> What seems strange for me is that anyone has tried this before. I hope to
> find some more help here.
>
>
>
> Regards,
>
> Nicolas
>
>
>
>
>
> On Wed, Nov 4, 2009 at 7:36 PM, Shri Borde <shri.bo...@microsoft.com>
> wrote:
>
> http://www.dev102.com/2008/03/22/3-ways-to-run-nunit-from-visual-studio/has 
> some info about test projects and appbase problems.
>
>
>
> You can also use fuslogvw (
> http://msdn.microsoft.com/en-us/library/e74a18c4(VS.71).aspx)<http://msdn.microsoft.com/en-us/library/e74a18c4%28VS.71%29.aspx%29>to
>  see why Microsoft.Scripting.dll is failing to load.
>
>
>
> *From:* users-boun...@lists.ironpython.com [mailto:
> users-boun...@lists.ironpython.com] *On Behalf Of *Dino Viehland
> *Sent:* Tuesday, November 03, 2009 1:52 PM
>
>
> *To:* Discussion of IronPython
> *Subject:* Re: [IronPython] Safe execution of python scripts on my .net
> application
>
>
>
> Test projects are weird and somehow you don’t end up inheriting the
> application base.  This seems to work though:
>
>
>
>             AppDomainSetup setup = new AppDomainSetup();
>
>             setup.ApplicationBase = AppDomain.CurrentDomain.BaseDirectory;
>
>             AppDomain aSandboxedDomain = AppDomain.CreateDomain("Sandboxed
> Domain", null, setup);
>
>             ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);
>
>             ScriptSource source =
> engine.CreateScriptSourceFromString("2+2");
>
>             ScriptScope scope = engine.CreateScope();
>
>             Console.WriteLine(source.Execute(scope));
>
>
>
> *From:* users-boun...@lists.ironpython.com [mailto:
> users-boun...@lists.ironpython.com] *On Behalf Of *Nicolás Buttarelli
> *Sent:* Tuesday, November 03, 2009 1:30 PM
> *To:* Discussion of IronPython
> *Subject:* Re: [IronPython] Safe execution of python scripts on my .net
> application
>
>
>
> I have create a new "Test Project" and an Unit Test class in order to test
> the following code inside:
>
>
>
> AppDomain aSandboxedDomain = AppDomain.CreateDomain("Sandboxed Domain");
>
> ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);
>
> ScriptSource source = engine.CreateScriptSourceFromString(pythonScript);
>
> ScriptScope scope = engine.CreateScope();
>
> source.Execute(scope);
>
>
>
>
>
> I have add the references:
>
>
>
> - IronPython
>
> - Microsoft.Scripting
>
> - Microsoft.ScriptingCore
>
>
>
> But it still not working and throwing the
> same System.Runtime.Serialization.SerializationException: Type is not
> resolved for member
> 'Microsoft.Scripting.Hosting.ScriptRuntimeSetup,Microsoft.Scripting.
>
>
>
> Any ideas?
>
>
>
>
>
> 2009/11/3 Nicolás Buttarelli <nbuttare...@gmail.com>
>
> Thanks Shri, I will try.
>
>
>
> In addition, I found this open issue:
> http://dlr.codeplex.com/WorkItem/View.aspx?WorkItemId=2816. I think that
> it is related.
>
>
>
> On Tue, Nov 3, 2009 at 9:29 PM, Shri Borde <shri.bo...@microsoft.com>
> wrote:
>
> I think this happens if the new appdomain cannot load the required
> assembly. By default, the new appdomain should inherit its BaseDirectory
> property from the creating domain and should be able to load
> Microsoft.Scripting.dll. Is your exe and all the dlls in the same folder? If
> not, can you try to put all assemblies in the same folder (or in the GAC) to
> see if it works? If that works, you can then figure out how to configure the
> new appdomain such that it can load Microsoft.Scripting.dll. There may be
> some setting in AppDomainSetup, or you could hook the AssemblyResolve event…
>
>
>
> *From:* users-boun...@lists.ironpython.com [mailto:
> users-boun...@lists.ironpython.com] *On Behalf Of *Nicolás Buttarelli
> *Sent:* Tuesday, November 03, 2009 12:08 PM
>
>
> *To:* Discussion of IronPython
> *Subject:* Re: [IronPython] Safe execution of python scripts on my .net
> application
>
>
>
> Hi again, thanks for your clear response.
>
>
>
> I was trying to do what you proposed but it is not working. I am receiving
> an exception:
>
>
>
> *Test method
> CadworX3WCFRestTest.IronPython.SafeScriptExecutionTest.writingAFileTest
> threw exception:  System.Runtime.Serialization.SerializationException: Type
> is not resolved for member
> 'Microsoft.Scripting.Hosting.ScriptRuntimeSetup,Microsoft.Scripting,
> Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'..*
>
> I tried to find a solution but I couldn't. This is the minimal code that I
> am running to get this exception (I have removed all the security stuff but
> apparently that does not resolve the problem):
>
>
>
> *AppDomain aSandboxedDomain = AppDomain.CreateDomain("Sandboxed Domain");*
>
>
>
> *ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);*
>
> *ScriptSource source = engine.CreateScriptSourceFromString(pythonScript);*
>
> *SriptScope scope = engine.CreateScope();*
>
> *source.Execute(scope);*
>
>
>
> The exception is thronged in this line:
>
> *ScriptEngine engine = Python.CreateEngine(aSandboxedDomain);*
>
>
>
>
>
> Do you have any idea which could be the problem?
>
>
>
> Thanks again,
>
> Nicolas
>
>
>
> On Mon, Nov 2, 2009 at 10:25 PM, Dino Viehland <di...@microsoft.com>
> wrote:
>
> Assuming the app domain is setup properly then there’s no way for the
> Python code to elevate permissions (modulo CLR security bugs which are few
> and far between).  This is because IronPython its self is 100% security
> transparent and does not affect any security decisions or assert any form of
> trust – so it’s all up to the CLR to limit permissions.  So for example
> while you can access the file object, or import ctypes, or call various
> other Python APIs which would require trust you’ll get a security exception
> from the CLR when you don’t have permissions to do something.
>
>
>
> For more complex scenarios you might also have an object model which you
> expose to the application and inject in via its scope.  Once you’ve done
> that you’ll want to make sure that the object model is also secure.
>
>
>
>
>
> *From:* users-boun...@lists.ironpython.com [mailto:
> users-boun...@lists.ironpython.com] *On Behalf Of *Nicolás Buttarelli
> *Sent:* Monday, November 02, 2009 1:20 PM
> *To:* Discussion of IronPython
> *Subject:* Re: [IronPython] Safe execution of python scripts on my .net
> application
>
>
>
> Thanks for your response.
>
>
>
> But what happens with the python code? Does not exist a way to write some
> scripts that can do some damage to my app, the server, the database, etc?
>
>
>
> Thanks again,
>
> Nicolas
>
>
>
> On Mon, Nov 2, 2009 at 9:41 PM, Dino Viehland <di...@microsoft.com> wrote:
>
> After creating your app domain you can do:
>
>
>
> ScriptEngine engine = Python.CreateEngine(someAppDomain);
>
>
>
> And then the rest of your code should work as it’s written.
>
>
>
>
>
> *From:* users-boun...@lists.ironpython.com [mailto:
> users-boun...@lists.ironpython.com] *On Behalf Of *Nicolás Buttarelli
> *Sent:* Monday, November 02, 2009 12:39 PM
> *To:* users@lists.ironpython.com
> *Subject:* [IronPython] Safe execution of python scripts on my .net
> application
>
>
>
> Sorry, I don't know if my previous message have arrived. So, here it is:
>
>
>
>
>
> Hello all,
>
>
>
> I am starting with python and I would like to add to my web application
> some web services. This services will allow the different clients of my
> application to execute some python scripts.
>
>
>
> I would like to know if someone did this before and how can I do this in a
> secure way. I mean, how can I do to restrict the environment where the
> scripts will be executed.
>
>
>
> In .net I can do this using the AppDoman and setting the permission set.
>
>
>
> AppDomain.CreateDomain( string friendlyName,
>                         Evidence securityInfo,
>                         AppDomainSetup info,
>                         PermissionSet grantSet,
>                         params StrongName[] fullTrustAssemblies);
>
>
>
>
>
> Is there a way to do the same with my python scripts?
>
>
>
> I am running them using this:
>
>
>
> ScriptEngine engine = Python.CreateEngine();
>
> ScriptSource source = engine.CreateScriptSourceFromString(scriptAsString);
>
> ScriptScope scope = engine.CreateScope();
>
> source.Execute(scope);
>
>
>
> Thanks in advance.
>
> Nicolas
>
>
> _______________________________________________
> Users mailing list
> Users@lists.ironpython.com
> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>
>
>
>
> _______________________________________________
> Users mailing list
> Users@lists.ironpython.com
> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>
>
>
>
> _______________________________________________
> Users mailing list
> Users@lists.ironpython.com
> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>
>
>
>
>
>
> _______________________________________________
> Users mailing list
> Users@lists.ironpython.com
> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>
>
>
> _______________________________________________
> Users mailing list
> Users@lists.ironpython.com
> http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
>
>

_______________________________________________
Users mailing list
Users@lists.ironpython.com
http://lists.ironpython.com/listinfo.cgi/users-ironpython.com

Reply via email to