-
-
Notifications
You must be signed in to change notification settings - Fork 105
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BitCCL Integration #165
Comments
From the further investigation, I think it is not possible to limit BitCCL execution fully, for example:
Executed in BitCCL environment, will return a list of all classes ever defined, providing access to all dangerous functions and modules because they are partially used in helper functions. We have two approaches: either we can use RestrictedPython or we just not limit the merchants at all. Because, re-thinking it, actually we still provide some helper functions for editing the database, so an attacker could just write the code which gets all wallets xpubs and sends it to remote server, we can't limit this as this is a valid use case for some merchants, but a privacy issue for others. That means that maybe that restriction is not necessary and possible anyway, and merchants just must validate the scripts they get from untrusted sources |
We have decided to use RestrictedPython |
This issue contains a list of improvements in the BitCCL area (integrating it):
template.__globals__['os'].listdir('/')
Note: BitCCL might be implemented as a plugin (see #242)
The text was updated successfully, but these errors were encountered: