feat: add MAXKB_SANDBOX_PYTHON_BANNED_HOSTS env to ban host for sandbox in tools code.

2025-12-26 01:33:05 +00:00 · 2025-11-05 19:03:17 +08:00 · 2025-11-05 19:03:17 +08:00 · 1f4d6d1123
parent f0be269cdc
commit 1f4d6d1123
2 changed files with 3 additions and 3 deletions
--- a/apps/common/utils/tool_code.py
+++ b/apps/common/utils/tool_code.py
@ -54,8 +54,8 @@ try:
    path_to_exclude = ['/opt/py3/lib/python3.11/site-packages', '/opt/maxkb-app/apps']
    sys.path = [p for p in sys.path if p not in path_to_exclude]
    sys.path += {python_paths}
+    os.environ['MAXKB_SANDBOX_PYTHON_BANNED_HOSTS'] = '{self.banned_hosts}'
    os.environ['LD_PRELOAD'] = '/opt/maxkb-app/sandbox/sandbox.so'
-    os.environ['SANDBOX_BANNED_HOSTS'] = {self.banned_hosts}
    locals_v={'{}'}
    keywords={keywords}
    globals_v=globals()
@ -162,8 +162,8 @@ logging.getLogger("mcp.server").setLevel(logging.ERROR)
 path_to_exclude = ['/opt/py3/lib/python3.11/site-packages', '/opt/maxkb-app/apps']
 sys.path = [p for p in sys.path if p not in path_to_exclude]
 sys.path += {python_paths}
+os.environ['MAXKB_SANDBOX_PYTHON_BANNED_HOSTS'] = '{self.banned_hosts}'
 os.environ['LD_PRELOAD'] = '/opt/maxkb-app/sandbox/sandbox.so'
-os.environ['SANDBOX_BANNED_HOSTS'] = {self.banned_hosts}
 exec({dedent(code)!a})
 """

--- a/installer/sandbox.c
+++ b/installer/sandbox.c
@ -8,7 +8,7 @@
 #include <regex.h>
 #include <unistd.h>

-static const char *ENV_NAME = "SANDBOX_BANNED_HOSTS";
+static const char *ENV_NAME = "MAXKB_SANDBOX_PYTHON_BANNED_HOSTS";

 static int match_env_patterns(const char *target, const char *env_val) {
    if (!target || !env_val || !*env_val) return 0;