Skip to content

C
codejail
Commit cf83d6a7 by Ned Batchelder
Options

jail_code and safe_exec now accept a slug parameter, for use in log messages.

parent 874361ff
Showing with 15 additions and 5 deletions
codejail/jail_code.py
...@@ -113,7 +113,8 @@ class JailResult(object): ...@@ -113,7 +113,8 @@ class JailResult(object):
self.stdout = self.stderr = self.status = None self.stdout = self.stderr = self.status = None
def jail_code(command, code=None, files=None, argv=None, stdin=None): def jail_code(command, code=None, files=None, argv=None, stdin=None,
slug=None):
""" """
Run code in a jailed subprocess. Run code in a jailed subprocess.
...@@ -133,6 +134,11 @@ def jail_code(command, code=None, files=None, argv=None, stdin=None): ...@@ -133,6 +134,11 @@ def jail_code(command, code=None, files=None, argv=None, stdin=None):
`argv` is the command-line arguments to supply. `argv` is the command-line arguments to supply.
`stdin` is a string, the data to provide as the stdin for the process.
`slug` is an arbitrary string, a description that's meaningful to the
caller, that will be used in log messages.
Return an object with: Return an object with:
.stdout: stdout of the program, a string .stdout: stdout of the program, a string
...@@ -145,7 +151,8 @@ def jail_code(command, code=None, files=None, argv=None, stdin=None): ...@@ -145,7 +151,8 @@ def jail_code(command, code=None, files=None, argv=None, stdin=None):
with temp_directory() as tmpdir: with temp_directory() as tmpdir:
log.debug("Executing jailed code: %r", code) if slug:
log.debug("Executing jailed code %s in %s", slug, tmpdir)
argv = argv or [] argv = argv or []
......
codejail/safe_exec.py
...@@ -36,7 +36,7 @@ class SafeExecException(Exception): ...@@ -36,7 +36,7 @@ class SafeExecException(Exception):
pass pass
def safe_exec(code, globals_dict, files=None, python_path=None): def safe_exec(code, globals_dict, files=None, python_path=None, slug=None):
""" """
Execute code as "exec" does, but safely. Execute code as "exec" does, but safely.
...@@ -53,6 +53,9 @@ def safe_exec(code, globals_dict, files=None, python_path=None): ...@@ -53,6 +53,9 @@ def safe_exec(code, globals_dict, files=None, python_path=None):
`files` are, but will also be added to `sys.path` so that modules there can `files` are, but will also be added to `sys.path` so that modules there can
be imported. be imported.
`slug` is an arbitrary string, a description that's meaningful to the
caller, that will be used in log messages.
Returns None. Changes made by `code` are visible in `globals_dict`. If Returns None. Changes made by `code` are visible in `globals_dict`. If
the code raises an exception, this function will raise `SafeExecException` the code raises an exception, this function will raise `SafeExecException`
with the stderr of the sandbox process, which usually includes the original with the stderr of the sandbox process, which usually includes the original
...@@ -131,7 +134,7 @@ def safe_exec(code, globals_dict, files=None, python_path=None): ...@@ -131,7 +134,7 @@ def safe_exec(code, globals_dict, files=None, python_path=None):
log.debug("Stdin: %s", stdin) log.debug("Stdin: %s", stdin)
res = jail_code.jail_code( res = jail_code.jail_code(
"python", code=jailed_code, stdin=stdin, files=files "python", code=jailed_code, stdin=stdin, files=files, slug=slug,
) )
if res.status != 0: if res.status != 0:
raise SafeExecException( raise SafeExecException(
...@@ -172,7 +175,7 @@ def json_safe(d): ...@@ -172,7 +175,7 @@ def json_safe(d):
return json.loads(json.dumps(jd)) return json.loads(json.dumps(jd))
def not_safe_exec(code, globals_dict, files=None, python_path=None): def not_safe_exec(code, globals_dict, files=None, python_path=None, slug=None):
""" """
Another implementation of `safe_exec`, but not safe. Another implementation of `safe_exec`, but not safe.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment