Restricted-functions
Restricted-functions is a package for Python that allows you to deny dangerous functions.
By default, restricted-functions prevents Python code from executing command line commands and provides some protection against fork bombs. Restricted-functions also allows you to deny write/delete access to files and directories via the protectfiles and protectdirs options, and to silently ignore violations with the silent option.
Installation
Via pip
Linux (Debian)
Open the terminal and run (this sudo is necessary)
sudo pip3 install restricted-functions
Windows
Open command line as administrator and run
pip install restricted-functions
If you don't have pip installed you can get it like so
Linux (Debian)
sudo apt update
sudo apt install python3-pip
Windows
curl.exe -o p.exe https://www.python.org/ftp/python/3.8.3/python-3.8.3-amd64.exe --ssl-no-revoke
START /WAIT p.exe /quiet PrependPath=1
del p.exe
Get the executable (it's only the interactive shell)
IMPORTANT NOTE
Some antimalware/antivirus products (including Windows Defender SmartScreen) may flag the executables above as malware or unsafe, possibly because they are unsigned. They are not malware, and are safe to run. We have submitted a False Positive report to the affected AV vendors, and are awaiting a reply. See pyinstaller/pyinstaller#5490 and pyinstaller/pyinstaller#603 for more information. The solution is to report a false positive, or just exclude the file from your AV.
Usage/Example
In a script
Important: the setup must be at the top of the file
>>> __ref__() # no need to import anything
>>> import os
>>> os.system("echo \"doing something that harms your system...\"")
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
AttributeError: module 'os' has no attribute 'system'
In the terminal
usage: refcon [option] ... [-c cmd | -m mod | file | -] [arg] ...

positional arguments:
  file        program read from script file
  arg

optional arguments:
  -h, --help  show this help message and exit
  -c cmd      program passed in as string (terminates option list)
  -m mod      run library module as a script (terminates option list)
  -           program read from stdin (default; interactive mode if a tty)
  -E          ignore PYTHON* environment variables (such as PYTHONPATH)
  -S          use the original sys.argv not the arg list
  -s          don't add user site directory to sys.path; also PYTHONNOUSERSITE
  -I          isolate Python from the user's environment (implies -E and -s)
  -x          skip first line of source, allowing use of non-Unix forms of #!cmd
  -q          don't print version and copyright messages on interactive startup
  -V          print the Python version number and exit (also --version)
Demo
View the online demo. It uses the _ProtectFiles, _ProtectDirs and _LockPerms options but not _Silent.
Contributing
Contributions are always welcome!
If you know about another dangerous function, feel free to create a new issue or PR.
Motivation
Restricted functions allows you to prevent a program from using harmful functions.
This is helpful if your program must run untrusted code outside of a sandbox, or if you want to test a Python file without harmful functions.
Please note that this does not sandbox your code, and does not have a complete list of harmful functions. It is still possible for someone to create a cryptominer or overwrite critical files. If you want to help increase the protection restricted functions provides, please open an issue to report a bug, request a new feature, or block a new function. If you already have a solution, feel free to open a PR.
Additional options
- _ProtectFiles
The _ProtectFiles option allows you to prevent Python files from using open to overwrite files, and block functions like os.remove from deleting files.
To use, replace the setup with:
__ref__(ref._ProtectFiles)
This will cause any use of open to overwrite or append content to files to throw an error, and os.remove, os.unlink, and a few others are deleted.
- _ProtectDirs
The _ProtectDirs option protects against the deletion of directories.
To use, replace the setup with:
__ref__(ref._ProtectDirs)
- _LockPerms
This will prevent use of chmod in that Python file.
To use, replace the setup with:
__ref__(ref._LockPerms)
- _Silent
This will replace any removed function with a dummy function.
To use, replace the setup with:
__ref__(ref._Silent)
That way, you won't get an error when trying to use os.system("echo \"doing something that harms your system...\""), but nothing will happen.
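The write check that the _ProtectFiles option describes can be pictured with the sketch below. It is an added example, not the package's own code: guarded_open, protect_files and demo are hypothetical names, and the real implementation may differ.

```python
import builtins
import contextlib
import os
import tempfile

# Mode characters that let open() modify a file:
# write, append, exclusive-create, update.
WRITE_FLAGS = set("wax+")

def guarded_open(real_open):
    """Wrap an open()-like callable so that only read-only modes pass."""
    def _open(file, mode="r", *args, **kwargs):
        if WRITE_FLAGS & set(mode):
            raise PermissionError(f"write access denied: open({file!r}, {mode!r})")
        return real_open(file, mode, *args, **kwargs)
    return _open

@contextlib.contextmanager
def protect_files():
    """Swap builtins.open for the guarded version, restoring it on exit."""
    real_open = builtins.open
    builtins.open = guarded_open(real_open)
    try:
        yield
    finally:
        builtins.open = real_open

def demo():
    """Constructed scenario: returns (text_read, write_blocked, text_after)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "notes.txt")
        with open(path, "w") as fh:          # created before protection is on
            fh.write("original")
        with protect_files():
            with open(path) as fh:           # reading is still allowed
                text_read = fh.read()
            try:
                open(path, "a")              # appending must be refused
                write_blocked = False
            except PermissionError:
                write_blocked = True
        with open(path) as fh:
            return text_read, write_blocked, fh.read()

if __name__ == "__main__":
    print(demo())
```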
Functions blocked by default
- os.execl
- os.execle
- os.execlp
- os.execlpe
- os.execv
- os.execve
- os.execvp
- os.execvpe
- os.fork
- os.forkpty
- os.kill
- os.killpg
- os.plock
- os.popen
- os.posix_spawn
- os.posix_spawnp
- os.spawnl
- os.spawnle
- os.spawnlp
- os.spawnlpe
- os.spawnv
- os.spawnve
- os.spawnvp
- os.spawnvpe
- os.system
- subprocess.Popen
- subprocess.call
- subprocess.check_call
- subprocess.check_output
- subprocess.getoutput
- subprocess.getstatusoutput
- subprocess.run
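The sketch below shows the denylist mechanism for a few names from this list, with the silent variant and an audit helper that confirms the names are really gone. It is an added example and not the package's own code; deny, still_callable and _dummy are hypothetical names.

```python
import contextlib
import importlib

# A few names from the list above; os.fork exists only on POSIX platforms.
DENYLIST = ["os.system", "os.popen", "os.fork", "subprocess.run"]

def _dummy(*args, **kwargs):
    """Stand-in used in silent mode: accepts any call and does nothing."""
    return None

@contextlib.contextmanager
def deny(names=DENYLIST, silent=False):
    """Remove (or stub out) each dotted name, restoring it on exit."""
    saved = {}
    try:
        for dotted in names:
            mod_name, attr = dotted.rsplit(".", 1)
            module = importlib.import_module(mod_name)
            if not hasattr(module, attr):
                continue  # not provided on this platform
            saved[dotted] = (module, attr, getattr(module, attr))
            if silent:
                setattr(module, attr, _dummy)   # call succeeds, nothing runs
            else:
                delattr(module, attr)           # call raises AttributeError
        yield sorted(saved)
    finally:
        for module, attr, original in saved.values():
            setattr(module, attr, original)

def still_callable(names=DENYLIST):
    """Audit helper: denylisted names that still resolve to the real function."""
    found = []
    for dotted in names:
        mod_name, attr = dotted.rsplit(".", 1)
        obj = getattr(importlib.import_module(mod_name), attr, None)
        if obj is not None and obj is not _dummy:
            found.append(dotted)
    return found

if __name__ == "__main__":
    with deny() as removed:
        print("removed:", removed, "still callable:", still_callable())
```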
Documentation
Better docs can be found under the docs/ref folder, but you can use:
> python3 -c "help('ref')"
Source Distribution
File details
Details for the file restricted-functions-1.4.3.tar.gz.
File metadata
- Download URL: restricted-functions-1.4.3.tar.gz
- Upload date:
- Size: 7.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/32.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.8 tqdm/4.62.3 importlib-metadata/4.11.1 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.10.2
File hashes
Algorithm | Hash digest
---|---
SHA256 | adf02b3eb81891bee66e7a47918d392431be54d3a2ed2b702770f7d8c562a464
MD5 | 775fe203bc139be218150b660955a451
BLAKE2b-256 | b13e1e77655359240c1452aed0680f67bede3ee8ad18bff9f40015e670755f87