- Deny access to the file system
- Deny importing Python modules
- Deny exiting Python
- Deny access to stdin, stdout, or stderr
- Deny some built-in symbols like execfile(), reload() or KeyboardInterrupt
- Deny execution of arbitrary bytecode (creation of arbitrary code object)
All of these features can be enabled in the Sandbox Configuration settings, so the user has control over what functions and modules are permitted inside the sandbox. The code is run through a subprocess that has the following limitations:
- timeout = 5 seconds
- memory limit = 200 MB
- recursion limit = 50 frames
- number of child processes = 0 (fork or thread creation disabled at the OS level)
- pysandbox is able to catch crashes like segmentation fault (SIGSEGV)
- stdin, stdout, and stderr are redirected to /dev/null (or :NUL on Windows)
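As an added illustration (not pysandbox's own code), the following shows how the subprocess limits listed above can be enforced from plain Python on Linux with the `resource` and `subprocess` modules; the `run_limited` function and its status values are assumptions of this example, and the caller is assumed not to run as root.

```python
import resource
import signal
import subprocess
import sys


def _apply_limits(mem_bytes):
    """Runs in the child between fork() and exec(): OS-level limits."""
    # Address-space cap: allocations beyond it fail inside the child with MemoryError.
    resource.setrlimit(resource.RLIMIT_AS, (mem_bytes, mem_bytes))
    # No new processes or threads: fork()/clone() fail with EAGAIN.
    # Caveat: Linux does not enforce RLIMIT_NPROC for processes holding
    # CAP_SYS_RESOURCE or CAP_SYS_ADMIN (i.e. root), so run unprivileged.
    resource.setrlimit(resource.RLIMIT_NPROC, (0, 0))


def run_limited(code, timeout=5.0, mem_mb=200, recursion=50):
    """Execute untrusted `code` in a fresh interpreter under the pysandbox-style limits.

    Returns a dict with "status" in {"ok", "error", "timeout", "crash"} and "returncode".
    """
    # The recursion limit is a Python-level setting, so it is applied from inside the child.
    prelude = "import sys; sys.setrecursionlimit(%d)\n" % int(recursion)
    # -I isolates the child from the caller's environment variables and sys.path.
    cmd = [sys.executable, "-I", "-c", prelude + code]
    try:
        proc = subprocess.run(
            cmd,
            # Standard streams go to /dev/null, as in the sandbox's subprocess mode.
            stdin=subprocess.DEVNULL, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL,
            timeout=timeout,  # the child is killed when the timeout expires
            preexec_fn=lambda: _apply_limits(mem_mb * 1024 * 1024),
        )
    except subprocess.TimeoutExpired:
        return {"status": "timeout", "returncode": None}
    rc = proc.returncode
    if rc < 0:
        # Negative return code: the child died from a signal, e.g. SIGSEGV.
        return {"status": "crash", "returncode": rc, "signal": signal.Signals(-rc).name}
    return {"status": "ok" if rc == 0 else "error", "returncode": rc}


if __name__ == "__main__":
    # Constructed sample payloads exercising each limit.
    for snippet in ("x = 1 + 1", "def f(n): return f(n + 1)\nf(0)",
                    "b = bytearray(1024 ** 3)", "while True: pass"):
        print(repr(snippet), "->", run_limited(snippet, timeout=1.0)["status"])
```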
There's also a wealth of features available that can be turned on and off using SandboxConfig, including:
- "codecs": codecs module
- "debug_sandbox": allow displaying a traceback of the sandbox.
- "encodings": encodings module with ascii, latin_1, utf_8, utf_16_be, utf_32_be and rot_13 codecs (submodules).
- "interpreter": give access to standard streams, enable traceback.
PySandbox features a CPython restricted mode, which is currently deemed "unsafe" due to the possible execution of arbitrary bytecode. Unfortunately, the restricted mode no longer exists in Python 3, as it was removed with the bastion and exec modules.
Currently, it has been tested on Python 2.5 and 2.6, but support for Python 3 is in the works. For more information on PySandbox, or to download the source files, visit the GitHub page.