1 Commits

Author SHA1 Message Date
7c1ee43b0a Update README
Goes for all branches.
2024-11-23 13:12:28 +01:00
6 changed files with 61 additions and 58 deletions

View File

@@ -1,3 +1,38 @@
# PyJail
Jailing tool for Python
PyJail is a jailing tool for Python
It allows you to jail Python programs in a closed off filesystem
## How to install
Installing PyJail is really simple! Just run `python3 ./install.py` in the directory
where the files are stored!
## Compatibility
As of now we're still working on a custom Python interpreter to make all programs
fully jailing compatible, sadly enough it's quite hard work.
So as of now it is compatible with all Python programs, **but** only some will be
properly confined.
## POSIX compatibility
We're also providing a (sort-of) POSIX compatible mode. This allows Python programs
made for Linux to also run natively on Windows. This is more meant for Windows
versions that don't feature WSL (Windows 7/8/8.1) but still need to run some
Linux only scripts.
### The 4 branches
Which branch works best for you?
Well, that's pretty simple. We have 4 branches (`main`, `next`, `edge` and `no-posix`).
If you want the most stable experience, then the `main` branch is for you.
If you want the lastest features, but also a more stable experience (compared to `edge`),
then the `next` branch is for you
If you want the bleeding-edge and don't care about stability, then `edge` is for you.
If you only need simple jailing and no POSIX compatibility, then `no-posix` is for you.
### Issues
Please report issues [over here](https://git.novacow.ch/Nova/PyJail/issues/)
And please check if your issue isn't a duplicate before reporting.

View File

@@ -1,6 +1,6 @@
"""
Install script for the Python jailer.
Version: 0.2.0-alpha1
Version: 1.0.0-main1
"""
import os
import shutil
@@ -43,7 +43,7 @@ if setup_posix.lower() == "y":
with open("./lib64", "a+") as f:
f.write("symlnk /usr/lib64/")
f.close()
with open("./usr/bin/sh.py", "a+") as f:
with open("./usr/bin/sh", "a+") as f:
f.write("symlnk /usr/bin/shell.py")
f.close()
os.mkdir("./sys")
@@ -63,7 +63,7 @@ if setup_posix.lower() == "y":
f.write(usrname)
f.close()
with open("./sys/procinfo", "a+") as f:
f.write("proc: vfs(/proc/)\nkernel: vfs(/proc/kcore)")
f.write("proc: vfs(/proc/)\nmgr: vfs(/proc/kcore)")
f.close()
with open("./proc/kcore", "a+") as f:
f.write("/sys/jail_mgr.py")
@@ -75,7 +75,6 @@ else:
os.mkdir("./usr")
os.mkdir("./proc")
os.mkdir(f"./home/{usrname}")
os.mkdir("./sys/krnl/")
print("Copying files...")
shutil.move("./main.py", "./sys/jail_mgr.py")
shutil.move("./sh.py", "./bin/shell.py")
@@ -85,4 +84,4 @@ else:
f.write(usrname)
f.close()
print("Install completed! Run ./main.py to start the kernel!")
input("Press <Enter> to exit! ")
input("Press <Enter> to exit! ")

View File

@@ -1 +1 @@
0.1.1-main1
0.2.0-main1

29
main.py
View File

@@ -1,6 +1,6 @@
"""
This is the PyJail, a jailing tool for running Python apps in a sandboxed environment.
Version: 0.2.1-next1
Version: 0.2.0-main1
"""
import os
import time
@@ -9,7 +9,7 @@ import runpy
class PyJail:
"""
The jail manager, handles all system calls and such.
The
"""
def __init__(self, debug=False):
self.rootpath = ""
@@ -41,7 +41,7 @@ class PyJail:
self._program_counter += 1
runpy.run_path(path_to_bin)
def msg(self, caller: str, message: str, emit: bool = False, log_level: str = "INFO"):
def msg(self, caller: str, message:str, emit: bool = False, log_level: str = "INFO"):
"""
The custom message parser, can parse messages and alert apps of said messages.
Replaces print statements.
@@ -132,24 +132,9 @@ class PyJail:
self.msg("jailmgr.fs()", message=rootpath, log_level="INFO")
return rootpath
def kver(self):
@staticmethod
def kver():
"""
Returns the kernel version
Returns the jail manager version
"""
return "0.2.1-next1"
def netsock(self, ip, port, mode, msg):
"""
An easy interface to network sockets, built right into the jailmanager
Args:
ip: The IP of the server to access.
port: The port to access the server on
mode: Either UDP, TCP or PKG (HTTP)
msg: The message to send the server
Returns:
Whatever the server returns.
"""
raise NotImplementedError("TODO: Netsock will be implemented once 0.3.0 comes around!")
return "0.2.0-main1"

40
sh.py
View File

@@ -1,60 +1,44 @@
"""
The shell for PyNVOS
Version: 0.2.0.0399
Version: 0.1.0-main1
"""
import importlib
import os
import cmd
import shutil
# from ..sys.krnl import Kernel
print(__name__)
class shell(cmd.Cmd):
jail_mgr = importlib.import_module(".jail_mgr", "vfs.sys")
jailmgr = jail_mgr.PyJail()
kver = jailmgr.kver()
intro = f"Shell started, PyNVOS {kver}"
prompt = "shell-0.2$ "
intro = "Shell started, PyNVOS 0.1.1-main1"
prompt = "shell-0.1.0$ "
file = None
krnl = importlib.import_module(".jail_mgr", "vfs.sys")
kernel = krnl.Kernel()
print(str(kernel) + " " + str(type(kernel)))
def do_cd(self, args):
"""Changes directory"""
args = shell.jailmgr.fs(args)
args = shell.kernel.fs(args)
os.chdir(args)
def do_exec(self, args):
"""Allows you to execute a file"""
# Apps in /bin should be allowed to launch without first adding /bin/ or ./, just the name of the executable
# So for ledit it should be just 'ledit' and not /bin/ledit.py or ./ledit.py
bins_in_bin = os.listdir(self.jailmgr.fs("/bin"))
bins_in_bin = os.listdir(shell.kernel.fs("/bin"))
apps_strip = []
for apps in bins_in_bin:
if apps.endswith(".py"):
apps_strip.append(apps.strip(".py"))
if args in apps_strip:
shell.jailmgr.run_program(f"/bin/{args}.py")
shell.kernel.run_program(f"/bin/{args}.py")
else:
shell.jailmgr.run_program(args)
shell.kernel.run_program(args)
def do_ls(self, none):
"""Lists the content of a directory"""
os.listdir(os.getcwd())
def do_pkg(self, pkg):
"""Downloads packages over the internet."""
self.jailmgr.netsock(f"https://pkg.novacow.ch/repo/{kver}/meta/{pkg}.pmd", 443, "PKG", "<null>")
shutil.copy(self.jailmgr.fs(f"/usr/netsock/cache/{pkg}.pmd"), self.jailmgr.fs(f"/usr/pkg/metacache/"))
with open(self.jailmgr.fs(f"/usr/pkgs/metacache/{pkg}.pmd"), "r") as f:
package_meta = f.read()
f.close()
print(package_meta)
y_n_confirmation = input("Do you want to install this package? [y/N] ")
if y_n_confirmation.lower() != "y":
print("Aborted.")
return
self.jailmgr.netsock(f"https://pkg.novacow.ch/repo/{kver}/main/static/binary/{pkg}.py", 443, "PKG", "<null>")
shutil.copy(self.jailmgr.fs(f"/usr/netsock/cache/{pkg}.py"), self.jailmgr.fs(f"/usr/bin/"))
def postloop(self):
pass
@@ -62,6 +46,6 @@ class shell(cmd.Cmd):
if __name__ == '<run_path>':
shell().cmdloop()
if __name__ == '__main__':
print("The shell can't be ran as a standalone program and must be ran in conjunction with the jail manager.")
print("The shell can't be ran as a standalone program and must be ran in conjunction with the kernel.")
input("Press Enter to continue...")
exit(-1)
exit(-1)

View File

@@ -1 +1 @@
0.1.0
0.2 build 0036