Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I was looking through the code and saw someone submitted this but didn't run it:

    def x():
        g = yield
        yield g.gi_frame.f_back.f_back

    g = x()
    g.next()
    frame = g.send(g)

    player_id = frame.f_locals['player_id']
    globals = frame.f_back.f_globals

    CODE = """
    class Game:

        def _""" """_init_""" """_(self, *players):
            pass

        def run_turn(self):
            pass

        def get_game_history(self):
            return ''

        def get_scores(self):
            scores = [0, 0]
            scores[player_id] = 2000
            return scores
    """

    exec CODE

    globals["Game"] = Game
Clearly I have some security problems. Thanks to whoever made this for bringing this to my attention without actually screwing me.


As pointed out in another subthread, Python code is practically impossible to sandbox. Most competition isolate player code by running it in a separate process which has the additional benefit of easily allowing different implementation languages.

Making sure the process doesn't use your network to spread malware is not 100% trivial but still easier than sandboxing Python code within Python.

Good luck with your project!


Seccomp might be a possibility here, but will require one process per live robot (and Linux). With seccomp your process can do nothing but read/write from its file descriptors (so you have to make sure they are safe) but can do nothing more (thus you cannot import modules). So you can exchange messages via file descriptors and otherwise use any Python (or even any other language at all features). Here's one recent article about it: http://pythonsweetness.tumblr.com/post/65442885019/secure-lo...

RestrictedPython, used in zope, is nice too. However it cuts you out of many Python features that it cannot statically validate.


Seattle[1] includes an attempt to sandbox Python. No idea if it's 100% covered, but they try.

[1]: https://seattle.poly.edu/wiki


Another option might be running PyPy within your CPython only for the user scripting parts and switching everything off you don't want.


Id run in docker containers or zerovm. You _cannot_ sandbox Python.


What does this code do?


The problem is that he managed to essentially bypass my jail. He could've wiped my server if he'd wanted.


jailbreaker:jailbreaker

turning down your server is not as much fun as cheating.

shameless plug, I have just worked out a JavaScript class loader[1] of Robocode a few week ago. you don't have to turn security off with this class loader, unlike some approaches suggested on RoboWiki[2]. I'm currently trying to get Jython work with Robocode.

[1]: https://github.com/xiazheteng/robocode-classloaders [2]: http://robowiki.net/wiki/Other_JVM_Languages


Looks like it gives the player associated with that code a score of 2000 points and the opponent 0.


It replaces the code of the entire game with a new game that gives one player 2000 points...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: