Dailydave mailing list archives

Re: Google Apps Engine


From: Jeremy Kelley <jeremy () austin ibm com>
Date: Tue, 8 Apr 2008 10:26:49 -0500

Quoting Dave Aitel (dave () immunityinc com):
> Google has some fairly ambitious plans for their hosted application
> development as far as security is concerned. For example, here is a
> Python shell on a Google box: http://shell.appspot.com/ . How awesome is
> that? Neel Mehta must be working overtime to secure all of this. I hope
> they're running grsec on those boxes. :>
>
> I can think of a lot of neat ways to use the Google API. A few lines of
> code in SPIKE Proxy which hooks it up to the Google.urlfetch() and you
> have a web proxy that bounces through any machine Google decides to push
> you out of. Their database looks pretty useful as well for the kinds of
> large forms of data security tools generate.
>
> So now we know what Guido has been up to! :>

I got involved in one of those IRC discussions "what if ..." and went
and looked at how hard it'd be to clean up the std library of any
functions that actually touched the filesystem and handled process
creation. It wouldn't be difficult, but you'd have to also add some
hooks to handle manipulation of sys.path to avoid pulling in other libs
and files via imports. For the most part, a standard compiled
interpreter could be sanitized quite easily just by removing many of the
stdlibs. There are certain calls that come to mind like open() that are
builtin and C that I believe would be a bit harder to clean up, though.

Even those could easily be sanitized by just some fun with function
pointers.

    >>> open=lambda *x: "no"
    >>> open('/etc/passwd')
    'no'

I can't get to the shell right now, as apparently, your email to the
list has sparked a bit of traffic.

    This Google App Engine application is temporarily over its serving
    quota. Please try again later.

I wonder if this is what they're doing to lock it down, or if they truly
sandboxed the whole thing in some secure way.

-jeremy

-- 
Jeremy Kelley <jeremy () austin ibm com>               Sr. Threat Analyst
gpg  1024D/E0DF8B2D  4BC3 B8B5 5B42 CC8E B6A9 2E85 32D3 C51C E0DF 8B2D
That's the problem with science.  You've got a bunch of empiricists
trying to describe things of unimaginable wonder.      -Bill Watterson
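
Added example, not part of the original post and not Google's code: the approach discussed in the message above (a stubbed open() plus a hook on imports), written for Python 3 as a restricted namespace passed to exec(). The names ALLOWED_MODULES, SAFE_NAMES, make_restricted_globals and run_restricted are hypothetical, and the allowlist contents are an assumption.

```python
import builtins

ALLOWED_MODULES = {"math", "json"}  # assumption: allowlist picked for this example
SAFE_NAMES = ("len", "range", "str", "int", "repr", "print")  # builtins kept as-is


def _stub_open(*args, **kwargs):
    # Same idea as the post's `open=lambda *x: "no"`.
    return "no"


def _guarded_import(name, globals=None, locals=None, fromlist=(), level=0):
    # Stand-in for the "hooks" on imports: only allowlisted top-level modules load.
    if level != 0 or name.split(".")[0] not in ALLOWED_MODULES:
        raise ImportError(f"import of {name!r} is blocked")
    return builtins.__import__(name, globals, locals, fromlist, level)


def make_restricted_globals():
    # A dict under "__builtins__" replaces the builtins that exec'd code can see.
    table = {name: getattr(builtins, name) for name in SAFE_NAMES}
    table["open"] = _stub_open
    table["__import__"] = _guarded_import
    return {"__builtins__": table}


def run_restricted(source):
    """Run source in the restricted namespace.

    Returns the value bound to `result`, or the exception class name on failure.
    """
    namespace = make_restricted_globals()
    try:
        exec(source, namespace)
    except Exception as exc:
        return type(exc).__name__
    return namespace.get("result")


if __name__ == "__main__":
    print(run_restricted("result = open('/etc/passwd')"))  # stubbed open
    print(run_restricted("import os\nresult = os.getcwd()"))  # blocked import
    print(run_restricted("import math\nresult = math.floor(2.5)"))  # allowed import
    print(run_restricted("result = eval('1 + 1')"))  # eval is not in the table
```

The restriction here is by name only; CPython does not treat a trimmed `__builtins__` table as a security boundary, so a hosted service would still need isolation at the process or OS level.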