faking a filesystem / virtual filesystem
Posted
by attwad
on Stack Overflow
See other posts from Stack Overflow
or by attwad
Published on 2010-03-16T06:24:40Z
Indexed on
2010/03/16
6:36 UTC
Read the original article
Hit count: 687
I have a web service to which users upload python scripts that are run on a server. Those scripts process files that are on the server and I want them to be able to see only a certain hierarchy of the server's filesystem (best: a temporary folder on which I copy the files I want processed and the scripts).
The server will ultimately be a linux based one but if a solution is also possible on Windows it would be nice to know how.
What I though of is creating a user with restricted access to folders of the FS - ultimately only the folder containing the scripts and files - and launch the python interpreter using this user.
Can someone give me a better alternative? as relying only on this makes me feel insecure, I would like a real sandboxing or virtual FS feature where I could run safely untrusted code.
© Stack Overflow or respective owner