15308555518/ MaxKB
1
0
Fork 0
mirror of https://github.com/1Panel-dev/MaxKB.git synced 2025-12-26 01:33:05 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

feat: add MAXKB_SANDBOX_PYTHON_BANNED_HOSTS env to ban host for sandbox in tools code.

This commit is contained in:
liqiang-fit2cloud 2025-11-05 16:55:29 +08:00
parent 9971df1a02
commit b7152867a3
3 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/common/utils/tool_code.py
View File

@ -197,7 +197,7 @@ exec({dedent(code)!a})
file.write(_code)
os.system(f"chown {self.user}:root {exec_python_file}")
kwargs = {'cwd': BASE_DIR}
kwargs['env'] = {'LD_PRELOAD': '/opt/maxkb-app/apps/sanbox_ban_host.so'}
kwargs['env'] = {'LD_PRELOAD': '/opt/maxkb-app/apps/sandbox.so'}
subprocess_result = subprocess.run(
['su', '-s', python_directory, '-c', "exec(open('" + exec_python_file + "').read())", self.user],
text=True,

2
installer/Dockerfile
View File

@ -13,7 +13,7 @@ RUN apt-get update && \
apt-get clean all && \
rm -rf /var/lib/apt/lists/*
WORKDIR /opt/maxkb-app
RUN gcc -shared -fPIC -o /opt/maxkb-app/apps/sanbox_ban_host.so /opt/maxkb-app/installer/sanbox_ban_host.c -ldl && \
RUN gcc -shared -fPIC -o /opt/maxkb-app/apps/sandbox.so /opt/maxkb-app/installer/sandbox.c -ldl && \
rm -rf /opt/maxkb-app/ui && \
pip install uv --break-system-packages && \
python -m uv pip install -r pyproject.toml && \

0
sanbox_ban_host.c → installer/sanbox.c
View File