Nova/PyJail
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

0.3.0 base, now with autoconvert

Browse Source
This commit is contained in:
Nova
2025-01-09 07:37:24 +01:00
parent cf79b945dc
commit 2ab3df3499
4 changed files with 115 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@@ -5,8 +5,8 @@ It allows you to jail Python programs in a closed off filesystem
## How to install ## How to install
Installing PyJail is really simple! Just run `python3 ./install.py` in the directory Installing PyJail is really simple! Just run `python3 ./install.py`
where the files are stored! (for Windows `py .\install.py`) in the directory where the files are stored!
## Compatibility ## Compatibility
@@ -14,6 +14,7 @@ As of now we're still working on a custom Python interpreter to make all program
fully jailing compatible, sadly enough it's quite hard work. fully jailing compatible, sadly enough it's quite hard work.
So as of now it is compatible with all Python programs, **but** only some will be So as of now it is compatible with all Python programs, **but** only some will be
properly confined. properly confined.
There is a converter to automatically convert tools, but some still aren't compatible yet.
## POSIX compatibility ## POSIX compatibility
@@ -25,7 +26,7 @@ Linux only scripts.
## Bundled programs ## Bundled programs
To keep the installation extremely small in size and footprint, the bundled programs are also To keep the installation extremely small in size and footprint, the bundled programs are also
extremely small. Currently we bundle 2 programs: extremely small. Currently we bundle 3 programs:
### `sh.py` (While installed: `/bin/sh` or `/usr/bin/sh` or `/usr/bin/shell.py`) ### `sh.py` (While installed: `/bin/sh` or `/usr/bin/sh` or `/usr/bin/shell.py`)
A very simple shell, just does directory navigation and installs packages. A very simple shell, just does directory navigation and installs packages.
@@ -33,6 +34,9 @@ A very simple shell, just does directory navigation and installs packages.
### `ledit.py` (While installed: `/usr/bin/ledit.py`) ### `ledit.py` (While installed: `/usr/bin/ledit.py`)
A simple line text editor. Meant for extreme simplicity. A simple line text editor. Meant for extreme simplicity.
### `autoconvert.py` (While installed: `/usr/bin/autoconvert.py`)
A converter to convert Python programs to be compatible with the jailed filesystem.
We recommend getting essential packages like a proper shell and the UwUGet package manager. We recommend getting essential packages like a proper shell and the UwUGet package manager.

82
autoconvert.py Normal file
View File

@@ -0,0 +1,82 @@
"""
Converts files to be jail-compatible
"""
import importlib
class FileConverter:
def __init__(self):
self.jail_mgr = importlib.import_module(".jail_mgr", "vfs.sys")
self.jailmgr = self.jail_mgr.PyJail()
self._file_openers = ["os.path", "open", "shutil.copy", "shutil.rm"]
self._unsupported_file_openers = ["QFile"]
def convert_file(self, fn):
unsupported_openers_found = 0
lines = []
with open(self.jailmgr.fs(fn), "a") as f:
for line in f:
line = line.strip()
lines.append(line)
blank_line_found = False
init_found = False
i_total = 0
for i, line in enumerate(lines):
if line == "" and blank_line_found is False:
line = "import importlib\n"
lines[i] = line
blank_line_found = True
if "def __init__" in line and init_found is False:
line_to_export = (
"\nself.jail_mgr = importlib.import_module('.jail_mgr', 'vfs.sys')\n"
"self.jailmgr = self.jail_mgr.PyJail()"
)
lines[i + 1] = line_to_export
init_found = True
if self._file_openers in line:
idx = line.index("(")
idx2 = line.index(")")
# if idx2 - idx != 1:
# self.jailmgr.msg(f"{self}", "Unsupported type!", False, "WARN")
# unsupported_openers_found += 1
# else:
expression = line[idx : idx2 + 1]
line_to_edit = f"self.jailmgr.fs({expression})"
idx -= 1
idx2 += 2
full_line = f"{line[:idx]}{line_to_edit}{line[idx2:]}"
lines[i] = full_line
elif self._unsupported_file_openers in line:
self.jailmgr.msg(f"{self}", "Unsupported opener!", False, "WARN")
unsupported_openers_found += 1
else:
pass
i_total = i
if unsupported_openers_found > 0:
self.jailmgr.msg(
f"{self}",
f"Some/all of the openers in this file aren't compatible with the converter, amount: {unsupported_openers_found} of the {i_total}",
True,
"WARN",
)
return lines
def file_writer(self, fn, content):
for i, line in enumerate(content):
line.rstrip("\n")
with open(self.jailmgr.fs(fn), "a+") as f:
f.write(f"{line}\n")
f.close()
self.jailmgr.msg(f"{self}", "Conversion OK! Please check results.", True)
return 0
if __name__ == "__main__":
fc = FileConverter()
fn = input("Enter filepath to convert (fullpath): ")
try:
lines = fc.convert_file(fn)
fc.file_writer(lines)
except Exception:
print("Failure to convert!")

8
install.py
View File

@@ -25,6 +25,7 @@ shutil.move("./main.py", "./vfs/main.py")
shutil.move("./runner.py", "./main.py") shutil.move("./runner.py", "./main.py")
shutil.move("./sh.py", "./vfs/sh.py") shutil.move("./sh.py", "./vfs/sh.py")
shutil.move("./ledit.py", "./vfs/ledit.py") shutil.move("./ledit.py", "./vfs/ledit.py")
shutil.move("./autoconvert.py" "./vfs/autoconvert.py")
os.chdir(os.getcwd() + "/vfs") os.chdir(os.getcwd() + "/vfs")
print("Gathering info...") print("Gathering info...")
usrname = input("Please enter your username: [usr1] ") usrname = input("Please enter your username: [usr1] ")
@@ -56,8 +57,9 @@ os.mkdir("./usr/lib/")
os.mkdir("./usr/lib64/") os.mkdir("./usr/lib64/")
print("Copying files...") print("Copying files...")
shutil.move("./main.py", "./sys/jail_mgr.py") shutil.move("./main.py", "./sys/jail_mgr.py")
shutil.move("./sh.py", "./bin/shell.py") shutil.move("./sh.py", "./usr/bin/shell.py")
shutil.move("./ledit.py", "./bin/ledit.py") shutil.move("./ledit.py", "./usr/bin/ledit.py")
shutil.move("./autoconvert.py", "./usr/bin/autoconvert.py")
print("Creating system configuration files...") print("Creating system configuration files...")
with open("./sys/usr.conf", "a+") as f: with open("./sys/usr.conf", "a+") as f:
f.write(usrname) f.write(usrname)
@@ -68,5 +70,5 @@ with open("./sys/procinfo", "a+") as f:
with open("./proc/kcore", "a+") as f: with open("./proc/kcore", "a+") as f:
f.write("/sys/jail_mgr.py") f.write("/sys/jail_mgr.py")
f.close() f.close()
print("Install completed! Run ./main.py to start the kernel!") print("Install completed! Run ./main.py to start the process!")
input("Press <Enter> to exit! ") input("Press <Enter> to exit! ")

25
main.py
View File

@@ -1,6 +1,6 @@
""" """
This is the PyJail, a jailing tool for running Python apps in a sandboxed environment. This is the PyJail, a jailing tool for running Python apps in a sandboxed environment.
Version: edge0005-base0.2.1 Version: edge0007-base0.2.1
""" """
import os import os
@@ -57,14 +57,18 @@ class PyJail:
emit: If the message needs to be passed to apps. emit: If the message needs to be passed to apps.
log_level: The loglevel, either DEBUG, INFO, WARNING, ERROR, CRITICAL log_level: The loglevel, either DEBUG, INFO, WARNING, ERROR, CRITICAL
""" """
emit_full = False
if self._debug is True: if self._debug is True:
emit = True emit_full = True
accepted_log_levels = ["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"] accepted_log_levels = ["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"]
if log_level.upper() not in accepted_log_levels: if log_level.upper() not in accepted_log_levels:
self.msg( self.msg(
"jailmgr.msg()", f"Not accepted loglevel!! {log_level}", False, "ERROR" "jailmgr.msg()", f"Not accepted loglevel!! {log_level}", False, "ERROR"
) )
return 1 return 1
if log_level == "DEBUG" and self._debug is False:
emit = False
emit_full = False
msg = f"[{time.time}] [{caller}] [{log_level}] {message}" msg = f"[{time.time}] [{caller}] [{log_level}] {message}"
with open(self.fs("/proc/klog"), "a+") as f: with open(self.fs("/proc/klog"), "a+") as f:
f.write(msg) f.write(msg)
@@ -72,6 +76,8 @@ class PyJail:
print(msg) print(msg)
elif emit is True: elif emit is True:
print(message) print(message)
elif emit_full is True:
print(msg)
return 0 return 0
def fs(self, check_path=None, resolve_symlinks=True): def fs(self, check_path=None, resolve_symlinks=True):
@@ -170,7 +176,7 @@ class PyJail:
""" """
Returns the kernel version Returns the kernel version
""" """
return "edge0006-base0.2.1" return "edge0007-base0.2.1"
def netsock(self, ip, port, mode, msg): def netsock(self, ip, port, mode, msg):
""" """
@@ -233,6 +239,17 @@ class PyJail:
f.close() f.close()
else: else:
raise NotImplementedError("TODO: UDP will be implemented later!") # Create a UDP socket
client_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
# Send the message to the server
client_socket.sendto(msg.encode(), (ip, port))
# Receive the response from the server
response, _ = client_socket.recvfrom(1024)
self.msg(f"{self}", f"Received from server: {response.decode()}")
# Close the socket
client_socket.close()
# raise NotImplementedError("TODO: Netsock will be implemented once 0.3.0 comes around!") # raise NotImplementedError("TODO: Netsock will be implemented once 0.3.0 comes around!")