[Sugar-devel] programming on thin ice

Bert Freudenberg bert at freudenbergs.de
Fri Jan 30 04:09:29 EST 2009


On 30.01.2009, at 09:38, Morgan Collett wrote:

> On Fri, Jan 30, 2009 at 04:59, Benjamin M. Schwartz
> <bmschwar at fas.harvard.edu> wrote:
>>
>> Walter Bender wrote:
>>> (1) A simple idea I am exploring is to allow Turtle Art users to
>>> enter simple Python commands directly into a block, as per
>>> http://sugarlabs.org/go/Image:Ta-sin.png
>>
>> Beautiful.
>>
>>> But here is my question:
>>>
>>> My code for #1 above is:
>>>
>>> def myfunc(lc, f, x):
>>>    myf = "def f(x): return " + f
>>>    userdefined = {}
>>>    try:
>>>        exec myf in globals(), userdefined
>>>    except:
>>>        raise logoerror("#syntaxerror")
>>>    return userdefined.values()[0](x)
>>>
>>> What I am concerned about is making the system vulnerable by letting
>>> arbitrary functions execute within TA.
>>
>> Don't worry about it.  Three reasons:
>>
>> 1.  You're right.  Rainbow's protections here are strong.  The
>> user-modified code can neither read nor write nor overwrite the
>> contents of the Journal, for example.  There are lots of other bad
>> things it could do, like fill the disk with junk, break the TurtleArt
>> icons so that TurtleArt won't start, or flood the network, but
>>
>> 2.  the user is writing this code themselves.  They'd have to go to
>> great lengths, just to (very temporarily) break their own machine.
>> Besides,
>>
>> 3.  the remaining issues in (1) should be fixed inside Rainbow,
>> rather than ineffectually patched by each Activity.
>
> Pippy already lets them write and run arbitrary code in the UI.
>
> If they can run Terminal, they can write and run arbitrary code.


This is different because Terminal is not protected by Rainbow. And
even superuser rights are readily available there.

User code in an activity is more dangerous because it is more easily  
shared between users. Now that we can effortlessly send Journal  
entries to other users, the user-code inside these entries could do  
considerable harm. While direct file access is disallowed by Rainbow,  
the datastore API is still completely unprotected. One could easily  
write some code into the extended TurtleArt tile that deletes all  
entries in the Journal, or sends them to a server.

Rainbow was designed to counter those attacks but it's not implemented  
yet afaik.

And for Sugar running on other Linux distros I think Rainbow is not  
even supported, is it? So there an activity can access or delete all  
the user's files. Which is the reason that the Squeak VM has a sandbox  
mode that limits file access for Etoys projects.

Unfortunately this appears to be infeasible for the Python VM which
has a gazillion modules that each would have to be sandboxed. But
maybe (as Walter suggested) there was a limit on the imports you could
do?

- Bert -
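The two points raised in this thread, that the quoted tile code runs user text via exec against the activity's own globals() (so anything the activity holds, such as a datastore handle, is reachable), and Walter's suggestion of limiting imports, can be illustrated with the following Python 3 sketch. It is an added example, not TurtleArt's or Rainbow's code; the module allowlist, the SAFE_BUILTINS set and the stand-in datastore object are assumptions made for the demonstration, and an import allowlist of this kind is only a policy hook on the interpreter, not the VM-level sandbox Bert is asking for.

```python
import math

# Constructed for the example: the activity's own module-level state that the
# quoted code exposes by passing globals() to exec.
datastore = object()

# Assumed policy: only these modules and builtins are reachable from a tile.
ALLOWED_MODULES = {"math"}
SAFE_BUILTINS = {"abs": abs, "min": min, "max": max, "round": round,
                 "int": int, "float": float}


class UserCodeError(Exception):
    """Stands in for TurtleArt's logoerror: the tile is rejected or failed."""


def _guarded_import(name, globals=None, locals=None, fromlist=(), level=0):
    # Only the top-level package name is checked against the allowlist.
    if name.split(".")[0] not in ALLOWED_MODULES:
        raise UserCodeError("import of %r is not allowed" % name)
    return __import__(name, globals, locals, fromlist, level)


def make_user_function(expr):
    """Turn a user-typed expression of x into a callable f(x).

    Differences from the quoted exec-based version: the text is compiled in
    'eval' mode, so statements such as 'import os' are a syntax error, and it
    runs in a fresh namespace rather than the activity's globals(), so names
    like 'datastore' above are simply not visible to it.
    """
    try:
        code = compile(expr, "<tile>", "eval")
    except SyntaxError as e:
        raise UserCodeError("#syntaxerror: %s" % e)
    env = {"__builtins__": dict(SAFE_BUILTINS, __import__=_guarded_import),
           "math": math}

    def f(x):
        try:
            return eval(code, env, {"x": x})
        except UserCodeError:
            raise
        except Exception as e:  # NameError, TypeError, ZeroDivisionError, ...
            raise UserCodeError("#runtimeerror: %s" % e)
    return f


def rejected(expr, x=0):
    """True if the tile text is refused at compile time or when run."""
    try:
        make_user_function(expr)(x)
    except UserCodeError:
        return True
    return False
```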
