dify沙盒

Yeuoly 0d4e3fdf43 fix 1 рік тому
.github ffb985ce39 fix 1 рік тому
build b2833fe168 fix 1 рік тому
cmd b3834c9465 feat: tests 1 рік тому
conf b564037413 fix 1 рік тому
dependencies 62954e9c30 fix: amd64 1 рік тому
dev 0d4e3fdf43 fix 1 рік тому
docker ec0a2aff6f fix 1 рік тому
internal 70ed5255f3 fix: amd64 1 рік тому
tests b3834c9465 feat: tests 1 рік тому
.gitignore 0c0c84cf46 init project 1 рік тому
README.md 164a642d1e update: readme 1 рік тому
go.mod 54778029a9 feat: nodejs 1 рік тому
go.sum 54778029a9 feat: nodejs 1 рік тому
install.sh 91696da794 fix 1 рік тому

README.md

Dify-Sandbox

Requirements

sudo apt-get install pkg-config libseccomp-dev

Introduction

Dify-Sandbox offers a simple way to run untrusted code in a secure environment. It is designed to be used in a multi-tenant environment, where multiple users can submit code to be executed. The code is executed in a sandboxed environment, which restricts the resources and system calls that the code can access.

Stack

  • Service: Gin
  • Library: Go
  • Sandbox: Seccomp

Principle

  1. Run ./build/build.sh to build a Linux native binary file which contains the seccomp filter
  2. A temp directory is created for each code execution
  3. Launch the code execution in a new process and set a chroot jail to restrict the access to the file system
  4. Set the seccomp filter using native library to restrict the system calls that the code can access
  5. Drop the privileges of the process to a non-root user which could not access any resource
  6. Execute the code and capture the output

For now, Dify-Sandbox supports syscalls below:

var allowedSyscalls = []int{
    // file io, only write and close file descriptor
	SYS_WRITE, SYS_CLOSE,
	// thread, used to fasten the execution
	SYS_FUTEX,
	// memory, allocate and free memory
	SYS_MMAP, SYS_BRK, SYS_MPROTECT, SYS_MUNMAP,
	// user/group, used to drop the privileges
	SYS_SETUID, SYS_SETGID,
	// process
	SYS_GETPID, SYS_GETPPID, SYS_GETTID,
	SYS_EXIT, SYS_EXIT_GROUP,
	SYS_TGKILL, SYS_RT_SIGACTION,
	// time
	SYS_CLOCK_GETTIME, SYS_GETTIMEOFDAY, SYS_TIME, SYS_NANOSLEEP,
	SYS_EPOLL_CTL,
}