Ask HN: API to run Python code, what can go wrong?
As a little weekend project, I'm trying to build an API to run python code and wondering what might go wrong.
Specifically, is there any way of building such a service that is safe from being hacked? My guess is that letting users input code that will be ran is never save, but I'd love some input on this.
The API can be tested here: https://api-run-code.herokuapp.com/ ... and here is the code: https://github.com/nathanganser/api-to-execute-python
For context, I'm thinking about building an app that needs to run user-inputted python code, and since I could not find a service that makes this easy, I just built an MVP of it.
19 comments
[ 133 ms ] story [ 2137 ms ] threadAs an app, you would not send users to AWS Lambda right?
edit: Your specific protection appears to be `__builtins__ = None` and otherwise run in the same interpreter. It is very naive. Here is an example hack that gets to your "secret data":
(from https://nedbatchelder.com/blog/201206/eval_really_is_dangero... but really you could have googled it)rm -> remove/delete the given file
-r -> recursively delete files and subdirectories
-f -> remove forcefully without command prompt, specifically useful when deleting unwritable files
/ -> the root partition, basically the base of the entire system
When combined, it's dangerous because it could delete every file and directory on the root. I'm not sure, but I think you would need superuser (sudo) privileges to do so, but I'm not gonna test it:
sudo rm -rf /
Here's more on rm: https://www.geeksforgeeks.org/rm-rf-command-in-linux-with-ex...
That post is old and not very detailed, so maybe I'm misinterpreting it.
1. https://blog.replit.com/api-docs
from the page: "Our old code execution API has been deprecated."
That would be the perfect solution to this, that's for sharing! Hopefully they'll launch something new soon!
They have already figured out how to isolate functions from harming the host system, and they've solved the issue of potentially infinite execution time.
The method I use for my autograder research platform is:
1) Build a test suite as a JSON string that gets passed to queue; on the student's side, they're given a Job ID that will check every few seconds on the job's status
2) When its their turn, I pass the submission to a Docker image
3) The docker image dumps the student's code into a "submission.py" file and then dynamically builds the test cases based on what came in the JSON file (using Python's unittest library)
3) Save the code's test results to my DB and mark the job ID as "done"
4) Once the student's AJAX request sees a "done", it also returns the test results as a JSON string, which is then parsed on to the screen
In terms of "safety", the big issues you'll need to test for are making sure that Docker does not have root access. Try to dig up some Docker vulnerabilities to poke holes in your system. You can also whitelist only a select number of libraries so users don't go importing things with vulnerabilities.