Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Disable ClearImport protection, it breaks "import random"

  • Loading branch information...
commit 1b86436650681c7bf24bcf9c0ba7817f34a79307 1 parent 1b18e86
@haypo authored
View
2  ChangeLog
@@ -1,6 +1,8 @@
Version 1.6
-----------
+FIXME: repair ClearImport() protection, or remove it
+
* Execute code in a subprocess using the Python subprocess module
or os.fork()
* Add --disable-subprocess command line option
View
1  TODO
@@ -1,6 +1,7 @@
Major tasks
-----------
+ * Re-enable ClearImport() protection: break test_random test
* Limit input/output size for call_fork()?
* subprocess should use a pipe or socket instead of a named file. Reuse
subprocess and multiprocessing?
View
4 sandbox/__init__.py
@@ -39,8 +39,8 @@ def disable(self, sandbox):
from .config import SandboxConfig
from .sandbox_class import Sandbox
-from .clear_import import ClearImport
-Sandbox.PROTECTIONS.append(ClearImport)
+#from .clear_import import ClearImport
+#Sandbox.PROTECTIONS.append(ClearImport)
from .builtins import CleanupBuiltins
Sandbox.PROTECTIONS.append(CleanupBuiltins)
View
2  sandbox/config.py
@@ -81,7 +81,7 @@ def __init__(self, *features, **kw):
self._use_subprocess = kw.get('use_subprocess', True)
if self._use_subprocess:
self._timeout = DEFAULT_TIMEOUT
- self._max_memory = 50 * 1024 * 1024
+ self._max_memory = 250 * 1024 * 1024
# size in bytes of all input objects serialized by pickle
self._max_input_size = 64 * 1024
# size in bytes of the result serialized by pickle
View
12 sandbox/test/test_random.py
@@ -0,0 +1,12 @@
+from sandbox import Sandbox
+from sandbox.test import createSandboxConfig, SkipTest
+
+def test_random():
+ config = createSandboxConfig('random')
+ if config.cpython_restricted:
+ raise SkipTest("deny importing modules")
+
+ check_random = 'import random; random.randint(1, 6)'
+
+ Sandbox(config).execute(check_random)
+
Please sign in to comment.
Something went wrong with that request. Please try again.