top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Secure python environment with web terminal emulator

+1 vote
2,893 views

We have a server running a web-based terminal emulator (based on shellinabox for screen-casting check www.webminal.org) that allows users to learn simple bash commands. This Linux environment secured by things like quota, selinux,ulimit etc

Now some users are requesting python access. How to ensure python is executed in a restricted environment. I came across
http://docs.python.org/2/library/restricted.html
but it seems like disabled in 2.3. Any thoughts on how we can safely provide python access to users.

posted Aug 6, 2013 by Mandeep Sehgal

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+1 vote

When you are satisfied with the protection you have achieved for bash commands, those same protection might be sufficient for Python as well. I assume that you used operating system facilities to restrict what the (system) user can do on the operating system level: the same restriction would apply to the (same) user executing Python code.

answer Aug 7, 2013 by anonymous
Yes, we used OS features to restrict the system user accounts.

We don't allow gcc - this helped us to avoid kernel exploits via C code like :
https://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=42827&forum=59
https://bugzilla.redhat.com/show_bug.cgi?id=962792

We are concerned whether user may try C exploits via Python code and break the system. What's the minimal python set-up you would suggest? I'm thinking something like:

1- Uninstall python-devel packages
2- Remove easy_install or pip (any such install utilities)
3- Keep only very basic modules under /usr/lib/python/site-packages and delete the others.
Similar Questions
0 votes

Is there any command available to view the installed libraries. Please suggest.

+1 vote

I have learnt python and used it for various purposes for scietific computing using sage and GUI development using Tkinter and lots more. I want to start web development using python My goal is to learn the web development in python from the basic level and understand the big web development projects like Django , MoinMoin Wiki , Plone and network programming further with twisted.
I have found Web2Py to be an easy library to quickly use and develop the web application. Is there any other library to start my development with. anddoes my plan of learning Web2Py is good for Web development and getting involved in the big projects like Django , MoinMoin Wiki , Plone.

0 votes

I want to submit a qsub job to my hpc cluster from within python. In this case, I must set some environment variables specific for this qsub job and then invoking a bash script from within python.

What python code should be used for this job?

+1 vote

I want to install path.py in my Python 3.4 environment on a Centos 5 box. My /usr/local/bin/ contains:

easy_install-3.4 
python3.4  
etc. 

We are behind a proxy server and I tried this:

# /usr/local/bin/easy_install-3.4 path.py 

Searching for path.py 
Reading https://pypi.python.org/simple/path.py/ 
Download error on https://pypi.python.org/simple/path.py/: hostname '172.29.68.1  
' doesn't match either of 'www.python.org', 'python.org', 'pypi.python.org',  
'docs.python.org', 'testpypi.python.org', 'bugs.python.org', 'wiki.python.org',  
'hg.python.org', 'mail.python.org', 'packaging.python.org', 'pythonhosted.org',  
'www.pythonhosted.org', 'test.pythonhosted.org', 'us.pycon.org', 'id.python.org' --  
Some packages may not be found! 

Couldn't find index page for 'path.py' (maybe misspelled?), Am I best to use pip or easy_install? also if easy_install, how can I fix the above error?

0 votes

I want to use python for creating dynamic database driven websites. and I don't want to use existing web frameworks for my work. I am learning things so I wont feel lazy to write all the code myself because I want to learn.

could anyone suggest me any books/site from where I can start. I want to follow MVC architecture. so please suggest me some links/book or anything

...