Sandbox capabilities of GraalVM regarding python #518
Description
This is less than an issue, and more of some questions about the status of GraalVM sandboxing and Python.
Some context:
We are embedding python on our OpenJDK container image (eclipse-temurin:21-jre), and as of now our biggest concern as of now is security, more so than performance. For now all we want is functional transform of numerical/String inputs, and interop with just a couple java classes that we expose through annotation. For now we are evaluating if it would be possible to securely embed python in our main ETL server, or if we will need to have a seperate isolated pod to run it.
Also, we are currently working with versions 24.1.2, since 24.2.x is not yet supported in the latest Quarkus LTS version (they confirmed it's going to be fixed on the next release). We are also not as of now working with venv, instead using the standard enviroment created by Polyglot, support for extra modules will be evaluated once we can get a sterile but secure enviroment running.
It's mostly meeting our expecations, but it seems some sandboxing options are not yet there for python
The question:
I've been having issue finding out specific information on what is the status of sandboxing when it comes to python. I understand that python support is relatively new, and it poses significant challenges, but I am wondering if I'm just missing where some documentation might be located. Now, to some specific issues I would like to ask about:
Access to system environment variables
I tried .allowEnvironmentAccess(EnvironmentAccess.NONE), but the guest application still have access to print the system variables, which my understand should not happen with that option. Is my understanding correct and is this on your radar?
SandboxPolicy
I tried a more restrictive SandboxPolicy, but got the message that python only supports SandboxPolicy.TRUSTED. Is there somewhere I could follow the progress on that end?
Thanks for the work your doing by the way