From 3445e05aea8fda9c5d1da84a19c8b2ab8e5a4616 Mon Sep 17 00:00:00 2001
From: liqiang-fit2cloud <liqiang@fit2cloud.com>
Date: Wed, 5 Nov 2025 19:03:17 +0800
Subject: [PATCH] feat: add MAXKB_SANDBOX_PYTHON_BANNED_HOSTS env to ban host
 for sandbox in tools code.

---
 apps/common/utils/tool_code.py | 4 ++--
 installer/sandbox.c            | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/apps/common/utils/tool_code.py b/apps/common/utils/tool_code.py
index 1c922e27b..aa0a3fe12 100644
--- a/apps/common/utils/tool_code.py
+++ b/apps/common/utils/tool_code.py
@@ -54,8 +54,8 @@ try:
     path_to_exclude = ['/opt/py3/lib/python3.11/site-packages', '/opt/maxkb-app/apps']
     sys.path = [p for p in sys.path if p not in path_to_exclude]
     sys.path += {python_paths}
+    os.environ['MAXKB_SANDBOX_PYTHON_BANNED_HOSTS'] = '{self.banned_hosts}'
     os.environ['LD_PRELOAD'] = '/opt/maxkb-app/sandbox/sandbox.so'
-    os.environ['SANDBOX_BANNED_HOSTS'] = {self.banned_hosts}
     locals_v={'{}'}
     keywords={keywords}
     globals_v=globals()
@@ -162,8 +162,8 @@ logging.getLogger("mcp.server").setLevel(logging.ERROR)
 path_to_exclude = ['/opt/py3/lib/python3.11/site-packages', '/opt/maxkb-app/apps']
 sys.path = [p for p in sys.path if p not in path_to_exclude]
 sys.path += {python_paths}
+os.environ['MAXKB_SANDBOX_PYTHON_BANNED_HOSTS'] = '{self.banned_hosts}'
 os.environ['LD_PRELOAD'] = '/opt/maxkb-app/sandbox/sandbox.so'
-os.environ['SANDBOX_BANNED_HOSTS'] = {self.banned_hosts}
 exec({dedent(code)!a})
 """
 
diff --git a/installer/sandbox.c b/installer/sandbox.c
index 1ba4e6b3c..13bd4632e 100644
--- a/installer/sandbox.c
+++ b/installer/sandbox.c
@@ -8,7 +8,7 @@
 #include <regex.h>
 #include <unistd.h>
 
-static const char *ENV_NAME = "SANDBOX_BANNED_HOSTS";
+static const char *ENV_NAME = "MAXKB_SANDBOX_PYTHON_BANNED_HOSTS";
 
 static int match_env_patterns(const char *target, const char *env_val) {
     if (!target || !env_val || !*env_val) return 0;