问题描述
我有一个web服务,用户可以上传运行在服务器上的python脚本。这些脚本处理服务器上的文件,我希望它们只能看到服务器文件系统的特定层次结构(最好:复制我想要处理的文件和脚本的临时文件夹)。
服务器最终将成为一个基于Linux的服务器,但是如果Windows上也有解决方案,那么知道如何解决这个问题是非常好的。
我只是创建了一个用户限制访问文件夹的文件夹 - 最终只包含脚本和文件的文件夹 - 并启动python解释器使用这个用户。
有人能给我一个更好的选择吗?因为仅仅靠这让我觉得没有安全感,我想一个真正的沙盒或虚拟FS功能,在那里我可以运行安全不受信任的代码。
无论是或更高阶的安全机制,诸如可以用来限制对特定资源的访问。
I have a web service to which users upload python scripts that are run on a server. Those scripts process files that are on the server and I want them to be able to see only a certain hierarchy of the server's filesystem (best: a temporary folder on which I copy the files I want processed and the scripts).
The server will ultimately be a linux based one but if a solution is also possible on Windows it would be nice to know how.
What I though of is creating a user with restricted access to folders of the FS - ultimately only the folder containing the scripts and files - and launch the python interpreter using this user.
Can someone give me a better alternative? as relying only on this makes me feel insecure, I would like a real sandboxing or virtual FS feature where I could run safely untrusted code.
Either a chroot jail or a higher-order security mechanism such as SELinux can be used to restrict access to specific resources.
这篇关于伪造一个文件系统/虚拟文件系统的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!