I am running a Jupyter environment (Jupyter Lab) inside a Docker container.
I want to restrict the imports of certain Python modules like os, sys and subprocess
such that an untrusted user is unable to access or manipulate any OS-level files.
Is there a way to achieve that?
My main goal is to restrict users from accessing OS-level folders and the filesystem.
A custom kernel would be the way to do this, since the kernel is what’s responsible for interpreting user code. But it is strongly advised to implement such restrictions at a higher level than user code execution, especially if the code to be executed is Python. The point of Jupyter is arbitrary code execution and it’s quite difficult to lock that down in general, but also in Python in particular, where there are many ways to access e.g. the `os` module (`sys.modules["os"]`, `getattr` on any other module that may have imported `os`).
If you want to write a custom kernel with your own DSL that prohibits imports, etc., you might be able to, as long as what you want to allow users to do is extremely limited. But if you want anything like “do anything except this”, then I think it’s very unlikely that you will be successful at the kernel level.
A much stronger approach is to assume arbitrary code execution in the notebook itself, but lock down the container in which the notebook executes so that no matter what they manage to execute, you know they can’t do the kinds of things you don’t want them to outside the container. There are lots of powerful tools for locking down containers so they can’t do anything you don’t want them to, no matter what code is executed, especially things like restricting filesystem access.
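
The answer's point about `sys.modules["os"]` and `getattr`, as an added example that is not part of the original posts: a constructed import blocklist stops `import os` yet the real `os` module is still reachable through both routes, which is why the restriction belongs on the container rather than in the kernel. The `BLOCKED` set and the `run_untrusted` helper are hypothetical names, and `shutil` stands in for "any other module that may have imported `os`".

```python
import builtins
import os  # imported here only to compare identities in demo()

# Constructed blocklist, taken from the modules named in the question.
BLOCKED = {"os", "sys", "subprocess"}


def make_guarded_import(real_import):
    """Wrap __import__ so that blocked top-level names raise ImportError."""
    def guarded_import(name, globals=None, locals=None, fromlist=(), level=0):
        if name.split(".")[0] in BLOCKED:
            raise ImportError(f"import of {name!r} is blocked")
        return real_import(name, globals, locals, fromlist, level)
    return guarded_import


def run_untrusted(source):
    """Run source with the guarded __import__ (hypothetical kernel-level filter).

    Returns the resulting namespace, or {"error": ...} if the filter fired.
    """
    guarded_builtins = dict(vars(builtins))
    guarded_builtins["__import__"] = make_guarded_import(builtins.__import__)
    namespace = {"__builtins__": guarded_builtins}
    try:
        exec(source, namespace)
    except ImportError as exc:
        return {"error": str(exc)}
    return namespace


def demo():
    # The filter does what it was written to do for a plain import statement.
    direct = run_untrusted("import os")
    # shutil is not on the blocklist, but it imported os and sys itself,
    # so both are ordinary attributes of the module object.
    via_getattr = run_untrusted("import shutil\nleaked = getattr(shutil, 'os')")
    via_sys_modules = run_untrusted(
        "import shutil\nleaked = shutil.sys.modules['os']"
    )
    return {
        "direct_import_blocked": "error" in direct,
        "getattr_reaches_os": via_getattr.get("leaked") is os,
        "sys_modules_reaches_os": via_sys_modules.get("leaked") is os,
    }


if __name__ == "__main__":
    print(demo())
```
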