Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

what is this I don't even #12

Open
lukism opened this issue Aug 26, 2016 · 3 comments
Open

what is this I don't even #12

lukism opened this issue Aug 26, 2016 · 3 comments

Comments

@lukism
Copy link

lukism commented Aug 26, 2016

I was trying to make a command that evaluates clojure in sandbox and got stuck with an error

code:

(ns bot.modules.sb-eval
  (:require [bot.registry :as registry])
  (:use [clojail.core :only [sandbox]]
        [clojail.testers :only [secure-tester]]))

(def sb (sandbox secure-tester :timeout 5000))

(println (sb '(+ 3 3)))

error:

Exception in thread "main" java.util.concurrent.ExecutionException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "createClassLoader"), compiling:(bot/modules/sb_eval.clj:8:1)
    at clojure.lang.Compiler.load(Compiler.java:7391)
    at clojure.lang.RT.loadResourceScript(RT.java:372)
    at clojure.lang.RT.loadResourceScript(RT.java:363)
    at clojure.lang.RT.load(RT.java:453)
    at clojure.lang.RT.load(RT.java:419)
    at clojure.core$load$fn__5677.invoke(core.clj:5893)
    at clojure.core$load.invokeStatic(core.clj:5892)
    at clojure.core$load.doInvoke(core.clj:5876)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at clojure.core$load_one.invokeStatic(core.clj:5697)
    at clojure.core$load_one.invoke(core.clj:5692)
    at clojure.core$load_lib$fn__5626.invoke(core.clj:5737)
    at clojure.core$load_lib.invokeStatic(core.clj:5736)
    at clojure.core$load_lib.doInvoke(core.clj:5717)
    at clojure.lang.RestFn.applyTo(RestFn.java:142)
    at clojure.core$apply.invokeStatic(core.clj:648)
    at clojure.core$load_libs.invokeStatic(core.clj:5774)
    at clojure.core$load_libs.doInvoke(core.clj:5758)
    at clojure.lang.RestFn.applyTo(RestFn.java:137)
    at clojure.core$apply.invokeStatic(core.clj:648)
    at clojure.core$require.invokeStatic(core.clj:5796)
    at clojure.core$require.doInvoke(core.clj:5796)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at bot.core$eval258$fn__259.invoke(core.clj:11)
    at clojure.core$map$fn__4785.invoke(core.clj:2644)
    at clojure.lang.LazySeq.sval(LazySeq.java:40)
    at clojure.lang.LazySeq.seq(LazySeq.java:49)
    at clojure.lang.RT.seq(RT.java:521)
    at clojure.core$seq__4357.invokeStatic(core.clj:137)
    at clojure.core$dorun.invokeStatic(core.clj:3024)
    at clojure.core$dorun.invoke(core.clj:3024)
    at bot.core$eval258.invokeStatic(core.clj:10)
    at bot.core$eval258.invoke(core.clj:10)
    at clojure.lang.Compiler.eval(Compiler.java:6927)
    at clojure.lang.Compiler.load(Compiler.java:7379)
    at clojure.lang.RT.loadResourceScript(RT.java:372)
    at clojure.lang.RT.loadResourceScript(RT.java:363)
    at clojure.lang.RT.load(RT.java:453)
    at clojure.lang.RT.load(RT.java:419)
    at clojure.core$load$fn__5677.invoke(core.clj:5893)
    at clojure.core$load.invokeStatic(core.clj:5892)
    at clojure.core$load.doInvoke(core.clj:5876)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at clojure.core$load_one.invokeStatic(core.clj:5697)
    at clojure.core$load_one.invoke(core.clj:5692)
    at clojure.core$load_lib$fn__5626.invoke(core.clj:5737)
    at clojure.core$load_lib.invokeStatic(core.clj:5736)
    at clojure.core$load_lib.doInvoke(core.clj:5717)
    at clojure.lang.RestFn.applyTo(RestFn.java:142)
    at clojure.core$apply.invokeStatic(core.clj:648)
    at clojure.core$load_libs.invokeStatic(core.clj:5774)
    at clojure.core$load_libs.doInvoke(core.clj:5758)
    at clojure.lang.RestFn.applyTo(RestFn.java:137)
    at clojure.core$apply.invokeStatic(core.clj:648)
    at clojure.core$require.invokeStatic(core.clj:5796)
    at clojure.core$require.doInvoke(core.clj:5796)
    at clojure.lang.RestFn.invoke(RestFn.java:408)
    at user$eval5$fn__7.invoke(form-init767063852949366950.clj:1)
    at user$eval5.invokeStatic(form-init767063852949366950.clj:1)
    at user$eval5.invoke(form-init767063852949366950.clj:1)
    at clojure.lang.Compiler.eval(Compiler.java:6927)
    at clojure.lang.Compiler.eval(Compiler.java:6917)
    at clojure.lang.Compiler.load(Compiler.java:7379)
    at clojure.lang.Compiler.loadFile(Compiler.java:7317)
    at clojure.main$load_script.invokeStatic(main.clj:275)
    at clojure.main$init_opt.invokeStatic(main.clj:277)
    at clojure.main$init_opt.invoke(main.clj:277)
    at clojure.main$initialize.invokeStatic(main.clj:308)
    at clojure.main$null_opt.invokeStatic(main.clj:342)
    at clojure.main$null_opt.invoke(main.clj:339)
    at clojure.main$main.invokeStatic(main.clj:421)
    at clojure.main$main.doInvoke(main.clj:384)
    at clojure.lang.RestFn.invoke(RestFn.java:421)
    at clojure.lang.Var.invoke(Var.java:383)
    at clojure.lang.AFn.applyToHelper(AFn.java:156)
    at clojure.lang.Var.applyTo(Var.java:700)
    at clojure.main.main(main.java:37)
Caused by: java.util.concurrent.ExecutionException: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "createClassLoader")
    at java.util.concurrent.FutureTask.report(FutureTask.java:122)
    at java.util.concurrent.FutureTask.get(FutureTask.java:206)
    at clojail.core$thunk_timeout.invokeStatic(core.clj:38)
    at clojail.core$thunk_timeout.invoke(core.clj:24)
    at clojail.core$sandbox_STAR_$fn__1196.doInvoke(core.clj:223)
    at clojure.lang.RestFn.invoke(RestFn.java:425)
    at clojure.lang.AFn.applyToHelper(AFn.java:156)
    at clojure.lang.RestFn.applyTo(RestFn.java:132)
    at clojure.core$apply.invokeStatic(core.clj:650)
    at clojure.core$apply.invoke(core.clj:641)
    at clojail.core$sandbox$fn__1203.doInvoke(core.clj:237)
    at clojure.lang.RestFn.invoke(RestFn.java:410)
    at bot.modules.sb_eval$eval1380.invokeStatic(sb_eval.clj:8)
    at bot.modules.sb_eval$eval1380.invoke(sb_eval.clj:8)
    at clojure.lang.Compiler.eval(Compiler.java:6927)
    at clojure.lang.Compiler.load(Compiler.java:7379)
    ... 76 more
Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "createClassLoader")
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
    at java.security.AccessController.checkPermission(AccessController.java:884)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
    at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:611)
    at java.lang.ClassLoader.checkCreateClassLoader(ClassLoader.java:274)
    at java.lang.ClassLoader.<init>(ClassLoader.java:316)
    at java.security.SecureClassLoader.<init>(SecureClassLoader.java:76)
    at java.net.URLClassLoader.<init>(URLClassLoader.java:100)
    at clojure.lang.DynamicClassLoader.<init>(DynamicClassLoader.java:41)
    at clojure.lang.RT$7.run(RT.java:2126)
    at java.security.AccessController.doPrivileged(Native Method)
    at clojure.lang.RT.makeClassLoader(RT.java:2121)
    at clojure.lang.Compiler.eval(Compiler.java:6897)
    at clojure.lang.Compiler.eval(Compiler.java:6890)
    at clojure.core$eval.invokeStatic(core.clj:3105)
    at clojure.core$eval.invoke(core.clj:3101)
    at clojail.core$evaluator$fn__1182$fn__1183$fn__1184.invoke(core.clj:162)
    at clojail.jvm$priv_action$fn__487.invoke(jvm.clj:31)
    at clojail.jvm.proxy$java.lang.Object$PrivilegedAction$810645dd.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at clojure.lang.Reflector.invokeMatchingMethod(Reflector.java:93)
    at clojure.lang.Reflector.invokeStaticMethod(Reflector.java:207)
    at clojail.jvm$jvm_sandbox.invokeStatic(jvm.clj:36)
    at clojail.jvm$jvm_sandbox.invoke(jvm.clj:33)
    at clojail.core$evaluator$fn__1182$fn__1183.invoke(core.clj:162)
    at clojure.lang.AFn.applyToHelper(AFn.java:152)
    at clojure.lang.AFn.applyTo(AFn.java:144)
    at clojure.core$apply.invokeStatic(core.clj:646)
    at clojure.core$with_bindings_STAR_.invokeStatic(core.clj:1881)
    at clojure.core$with_bindings_STAR_.doInvoke(core.clj:1881)
    at clojure.lang.RestFn.invoke(RestFn.java:425)
    at clojail.core$evaluator$fn__1182.invoke(core.clj:162)
    at clojure.lang.AFn.call(AFn.java:18)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.lang.Thread.run(Thread.java:745)
@hypirion
Copy link

You need to add a java policy, a default one can be placed at ~/.java.policy. The most liberal one is probably https://github.com/Raynes/clojail/blob/master/example.policy and is fine if you have control over the sandbox yourself.

@lukism
Copy link
Author

lukism commented Sep 11, 2016

Any existing policy for a public bot where I don't trust people?

@hypirion
Copy link

hypirion commented Sep 11, 2016
edited
Loading

Well, the policy in itself is no good security wise. However, I'm pretty sure both TryClojure and lazybot uses that policy, but they use it with the secure-tester tester in clojail.testers, which severely limits calls a user can do. It's been battle tested for quite some time so for a bot I would argue that should be sufficient.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hypirion @lukism