From bb7dfbc2fed037b344916acfd479e854b2d9303f Mon Sep 17 00:00:00 2001
From: CaptainB <bin@fit2cloud.com>
Date: Wed, 5 Nov 2025 21:19:53 +0800
Subject: [PATCH] fix: set environment variables for banned hosts and preload
 library in sandbox execution

---
 apps/common/utils/tool_code.py | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/apps/common/utils/tool_code.py b/apps/common/utils/tool_code.py
index aa0a3fe12..efdda108c 100644
--- a/apps/common/utils/tool_code.py
+++ b/apps/common/utils/tool_code.py
@@ -54,8 +54,6 @@ try:
     path_to_exclude = ['/opt/py3/lib/python3.11/site-packages', '/opt/maxkb-app/apps']
     sys.path = [p for p in sys.path if p not in path_to_exclude]
     sys.path += {python_paths}
-    os.environ['MAXKB_SANDBOX_PYTHON_BANNED_HOSTS'] = '{self.banned_hosts}'
-    os.environ['LD_PRELOAD'] = '/opt/maxkb-app/sandbox/sandbox.so'
     locals_v={'{}'}
     keywords={keywords}
     globals_v=globals()
@@ -162,8 +160,6 @@ logging.getLogger("mcp.server").setLevel(logging.ERROR)
 path_to_exclude = ['/opt/py3/lib/python3.11/site-packages', '/opt/maxkb-app/apps']
 sys.path = [p for p in sys.path if p not in path_to_exclude]
 sys.path += {python_paths}
-os.environ['MAXKB_SANDBOX_PYTHON_BANNED_HOSTS'] = '{self.banned_hosts}'
-os.environ['LD_PRELOAD'] = '/opt/maxkb-app/sandbox/sandbox.so'
 exec({dedent(code)!a})
 """
 
@@ -202,7 +198,10 @@ exec({dedent(code)!a})
             file.write(_code)
             os.system(f"chown {self.user}:root {exec_python_file}")
         kwargs = {'cwd': BASE_DIR}
-        kwargs['env'] = {}
+        kwargs['env'] = {
+            'LD_PRELOAD': '/opt/maxkb-app/sandbox/sandbox.so',
+            'MAXKB_SANDBOX_PYTHON_BANNED_HOSTS': self.banned_hosts,
+        }
         subprocess_result = subprocess.run(
             ['su', '-s', python_directory, '-c', "exec(open('" + exec_python_file + "').read())", self.user],
             text=True,