Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I know this is technically a duplicate question, but I believe it is valid since the original question was submitted 7 years ago and Python/web security has come a long way since then.
I would like to build a web app that allows users to input python code (through the Ace editor package) and then execute it in the browser using a python interpreter on the server. I cannot use pypy.js because I need to use numpy, pandas, and matplotlib. Essentially I would like to make my own Codecademy (I am a teacher and would like to create Codecademy-like courses for my students). Sadly the create-a-course thing Codecademy mentioned at one point has come to nothing.
I'm using Flask, but I could learn Django if that would be easier.
What is the best way to allow my users to run the python code without allowing them to affect the rest of the program or access files outside of what they're allowed to?
There were no fundamental changes in Python or web security the last 7 years. It is still suicidal to allow users to run code on your server.
However, what did change is the availability of lightweight VM solutions like docker.
For an example how this could work have a look at https://civisanalytics.com/blog/engineering/2014/08/14/Using-Docker-to-Run-Python/ . I will not reference this solution here as you will found other examples, even if this one goes away.
However, this might be more safe then running user code direct on your server, BUT
the user code is still running on your server. It might be not possible to escape the docker image, but a malicious user could still upload for eg. a denial of service tool and start an attack from your server. Or sniff your network traffic or whatever.
there are or at least might be ways to break out of the docker image.
For a controlled environment like a classroom those risks might be acceptable, but for a public server you would need a lot of security know how to further lock down the server and the docker image and filter available python functionality.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 1 year ago.
Improve this question
I am proficient in Bash and a beginner in Python (I have some experience with Flask and Requests).
I wrote a Bash script which asks for some input (four strings) and creates a configuration file based on that input. That's good for me, but I would like to convert it to a (no frills) web interface. I know how to configure Apache, if necessary.
I know there are zillions of ways to do that. I'd like some hints on how to tackle my problem, ideally using Bash or Python. By the way, I've used Octave on CGI for some of this in the past, and I think it's excellent for math purposes, but I'd like to get ideas about some simpler, more generic avenues.
I would create a Django site for this. It can be setup really quickly. I would recommend you host it on PythonAnywhere. They have a free tier, and works really well. Django is similar to Flask, but I personally like Django. If you could be more specific on what your App needs to do, some sample code could be provided.
You probably just need the right keywords to go the right direction. From a high level all you need to to is two steps:
Create a static html web page that contains a form. This form contains at least one input field and a submit button. The URL it accesses needs to be understood by your webserver to invoke your script via the common gateway interface (CGI).
write a python or bash script that Apache can invoke via CGI that receives the value and does something about it. The stdout of this script will be returned back to the browser, so it better be HTML again.
For details check out http://httpd.apache.org/docs/2.4/howto/cgi.html
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
WebRTC Peer to Server instead of Peer To Peer
I want to build a WebRTC Video and Voice Calling App.
However, I do not want a user to be able to connect directly to another user, as this brings unwanted security risks. So I think it makes more sense to implement the whole thing in such a way that all users (2 in this case) connect to a server, which then distributes the data and the users do not distribute it among themselves, so that, for example, the IP is publicly visible.
I don't want that:
So even I think this is the normal way you could do it I don't want to, because, how I said there are a lot of security risks that this kind of connection brings with it.
I want that:
I've heard that Discord, for example, does exactly what I show in the graphic (at least similarly). Can this be implemented? And if so, how? By the way, I used Python Django in the backend. I was wondering whether this could also be done with Python Django Channels. So is there an implementation in Django Channels that I can set up a WebRTC server? Many thanks in advance
You need to use a TURN relay server and set the RTCIceTransportPolicy to relay when creating the RTCPeerConnection in the browser. That will result in the media path matching your bottom diagram.
ALL public peer-to-peer communications use a server in the middle. Virtually every end-user computer in the world today sits behind a firewall and cannot be directly addressed from outside their network.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I'm building my first ever web-app in python, haven't even decided on a framework yet,
does it make sense to start out with a MySQL database to manage users and credentials?
or is it a completely ridiculous way to approach it?
what are some existing solutions and best practices for managing user credentials?
The answer is, as always, it depends. There are many ways to build a web app in Python so you'll first need to decide on what you want to build or what technology you want to learn.
If you just want to focus on a Python backend as a learning exercise then you could use Flask which can run as a server and includes many modules to help you get started including managing users. If you plan to expose your app publicly though it is generally recommended to use Apache or some other battle tested server which can route the requests to Flask.
There are other Python frameworks like bottle which I believe is meant to be even simpler than Flask and Django which is more complicated but has more features. It all depends on what you want to do. You can also look at things like dash if you're end goal has a data analysis flavor.
One thing to note though is that managing user credentials is not trivial. It can be a useful exercise if you like to learn and tinker, but to do it correctly youll need to learn about salting passwords, cryptographically secure hashing, session management, https (and ideally which ciphers should be deprecated), how to protect against sql injection (good to know how to do this anyway if you don't already), cross site scripting, CORS, etc. The list goes on. None of these things are exclusively just for managing user credentials but you should understand all the ways things can go south on you.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 days ago.
Improve this question
How to transfer session to another compute node with python in the following case?
case 1: If using kubernete,
case 2: Or using autoscale,
case 3: if using Amazon,
How to transfer session to another compute node with python?
So that program can run forever
Nope, none of those things can transfer a process with all of its in-memory and on-disk state across hosts.
If you’re looking at Kubernetes already, I’d encourage you to design your application so that it doesn’t have any local state. Everything it knows about lives in a database that’s maintained separately (if you’re into AWS, it could be an RDS hosted database or something else). Then you can easily run multiple copies of it (maybe multiple replicas in a Kubernetes ReplicaSet or Deployment) and easily kill one off to restart it somewhere else.
One of the high-end virtualization solutions might be able to do what you’re asking, but keeping a program running forever forever is pretty hard, particularly in a scripting language like Python. (How do you update the program? How do you update the underlying OS, when it needs to reboot to take a kernel update?)
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 5 years ago.
Improve this question
I'm not sure how to title this. Heck, this isn't even a python issue because the code is working properly. Let me explain, this might take a while.
So, I've been working in a discord bot that runs code. Probably one the worst ideas I had, but I love the potential that it could have (and the wacky outcomes of people trying to break it), and this is what I ended up with.
I know that it's not pretty, but it's mine and I'm quite proud of it. It works and everything! And while I'd love to get people to tell me how the code could be improved and how much does my code sucks, that's not exactly the problem I have.
So, this bot lets everyone run any code they want. ANYTHING. And I don't even worry about it. I'm going to be running it in a raspberry Pi that I zeroed several times, then installed docker on it. I don't really care about what could people do to it since there won't be any sensitive data. Well, almost. Here's the problem.
So, the last line in my code is this.
bot_client.run(token)
That token is the API bot key from discord. I don't really want anyone to be able to know it, since they could get their own bots in a server using it. But anyone could write a piece of code that reads the file. I'm quite lost. I'm not sure how could I protect that API key. I've tried a few things, most of them related to unix permissions and users/groups, but none of them worked because the files that the bot create will inherit the same user, so I can't put them in different users and call it a day.
Any idea about how could I do this? Just to be clear, this is what I want to avoid.
Well this is a general application design issue. Currently you have a main script that creates new python processes to execute the code, and by default the subprocess has full access to your disk thus to your sources.
IMHO, you should manage at the OS level a way so that the Python interpreter started in the subprocess has no access to the folders of the application source. But that will only come at a cost, because you will have to setup 2 different security roles and a communication channel between them.
The first idea that come to mind would be an auxilliary daemon process running under a different user having no access at all on the source folder of the application. That daemon would have to start the child Python scripts. You could use a (unix domain) socket or any other IPC channel to pass the text in one side and the input/error in other side.
I'm sorry that it is just a hint, but I now realize that you question leads to a rather broad problem.