How to Protect Server from User Written Python Script

Question

I want to allow users to create their own Python scripts that run on the server and give output to the users. Likely I'll be allowing users to use Selenium in their scripts, and to write to files in a specific folder. I'm new to Python however assume there are security risks. How would you suggest I protect the server from malicious user code? Below is the C# code I'm using at present to run Python.

    public static string Run()
    {
        string fileName = @"C:\temp\text.py";

        Process p = new Process();
        p.StartInfo = new ProcessStartInfo(@"python", fileName)
        {
            RedirectStandardOutput = true,
            UseShellExecute = false,
            CreateNoWindow = true
        };
        p.Start();

        string output = p.StandardOutput.ReadToEnd();
        p.WaitForExit();
        return output;
    }

Some ideas here: https://stackoverflow.com/questions/3068139/how-can-i-sandbox-python-in-pure-python — Rup, Jul 01 '19 at 03:34
Thanks. I think the first thing I will do is create a web service so that the python code can be run on an independent server that has no sensitive data and can be nuked if it is damaged. I guess I just need to determine if there's any specific code I should prevent from execution / inclusion. — user11624361, Jul 01 '19 at 06:56

How to Protect Server from User Written Python Script

0 Answers0