On Nov 24, 2008, at 1:37 PM, Jason Grout wrote:

>
> jrpick wrote:
>> For security, I just mean that if I have it running on a server, I
>> don't want people to be able to do malicious things like play with the
>> filesystem, send mail, or drop mysql tables.  More than a sandbox,
>> however: you shouldn't be able to disable it, or otherwise mess things
>> up so that I have to reinstall it or fix it.
>>
>> I don't know how I plan on accomplishing the security yet.  What I did
>> with my system currently (in Perl) is to implement a giant parser that
>> goes through and does calculations as it works out a string.  The user
>> can never invoke a function directly, even though it might feel like
>> it.  When you say something like sin(30 degrees) there are hard-coded
>> regular expressions that look for it and call the sin function.  This
>> way, there's essentially a white list of acceptable things the user
>> can do.  This is different from doing something like rexec(code),
>> which I've read has security issues.
>
>
> Okay, good, so you are looking at these things.  Securely executing
> python is a subject with a long history.  Recent developments include
> the ast module, though I think the high-level ast module is just in 2.6,
> and so is not usable in Sage just yet.  See
> http://docs.python.org/dev/library/ast.html

If you're doing primarily calculus-based stuff, then one handy thing  
to note is that the symbolic ring has its own parser that does not  
accept (or evaluate) all of Python. For example:

sage: SR("3x+8sin(y)")
8*sin(y) + 3*x
sage: SR("2*os.path.exists('/path/to/some/file')")
Traceback (most recent call last):
...
TypeError: Malformed expression: 2*os. !!! path.exists('a')

vs.

sage: 2*os.path.exists('/path/to/some/file')
0

will not work. Essentially, if you create all your objects manually  
(avoiding any that use "eval" in the constructor, and there aren't  
many of those) and make sure your strings are quoted correctly, that  
should take care of most of the security issues for a simple system  
(e.g. stuff like a box where you type an expression and click a  
button to solve/integrate/differentiate/...) Still a good idea to run  
it in a virtual machine of course.

- Robert
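
The whitelist approach discussed in this thread, sketched with Python's ast module as an added example (not code from the thread or from Sage). It uses Python's grammar rather than Sage's symbolic parser, so implicit multiplication such as "3x" is rejected; the names safe_eval, Rejected, FUNCTIONS and MAX_LEN are assumptions made for the illustration.

```python
import ast
import math
import operator

# Whitelists constructed for this example; anything not listed is rejected.
BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
           ast.Div: operator.truediv, ast.Pow: math.pow}
UNARY_OPS = {ast.UAdd: operator.pos, ast.USub: operator.neg}
FUNCTIONS = {"sin": math.sin, "cos": math.cos, "sqrt": math.sqrt}
CONSTANTS = {"pi": math.pi, "e": math.e}
MAX_LEN = 200  # bounds parser work and recursion depth


class Rejected(ValueError):
    """Raised for any input outside the whitelist or that fails to evaluate."""


def safe_eval(text):
    """Evaluate an arithmetic expression without ever calling eval()/exec()."""
    if len(text) > MAX_LEN:
        raise Rejected("expression too long")
    try:
        tree = ast.parse(text, mode="eval")  # parses only; nothing is executed
        return _walk(tree.body)
    except Rejected:
        raise
    except (SyntaxError, ValueError, TypeError, ArithmeticError,
            RecursionError, MemoryError) as exc:
        raise Rejected(f"cannot evaluate: {exc}") from None


def _walk(node):
    # Numbers are coerced to float so results cannot grow without bound.
    if isinstance(node, ast.Constant) and type(node.value) in (int, float):
        return float(node.value)
    if isinstance(node, ast.Name) and node.id in CONSTANTS:
        return CONSTANTS[node.id]
    if isinstance(node, ast.UnaryOp) and type(node.op) in UNARY_OPS:
        return UNARY_OPS[type(node.op)](_walk(node.operand))
    if isinstance(node, ast.BinOp) and type(node.op) in BIN_OPS:
        return BIN_OPS[type(node.op)](_walk(node.left), _walk(node.right))
    # The callee must be a bare whitelisted name, so a dotted callee such as
    # os.path.exists (an ast.Attribute node) never resolves to a function.
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
            and node.func.id in FUNCTIONS and not node.keywords):
        return FUNCTIONS[node.func.id](*[_walk(arg) for arg in node.args])
    raise Rejected(f"{type(node).__name__} is not allowed")
```

Evaluation errors (division by zero, overflow, wrong argument counts) surface as Rejected too, so a caller handles a single exception type for untrusted input.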

