faking a filesystem / virtual filesystem

Posted by attwad on Stack Overflow See other posts from Stack Overflow or by attwad
Published on 2010-03-16T06:24:40Z Indexed on 2010/03/16 6:36 UTC
Read the original article Hit count: 687

Filed under:
|
|
|

I have a web service to which users upload python scripts that are run on a server. Those scripts process files that are on the server and I want them to be able to see only a certain hierarchy of the server's filesystem (best: a temporary folder on which I copy the files I want processed and the scripts).

The server will ultimately be a linux based one but if a solution is also possible on Windows it would be nice to know how.

What I though of is creating a user with restricted access to folders of the FS - ultimately only the folder containing the scripts and files - and launch the python interpreter using this user.

Can someone give me a better alternative? as relying only on this makes me feel insecure, I would like a real sandboxing or virtual FS feature where I could run safely untrusted code.

© Stack Overflow or respective owner

Related posts about filesystems

Related posts about server