Ensure pupy doesn't execute any shit from the system

2017-03-06 14:48:56 +02:00 · 2017-03-06 14:48:56 +02:00 · 248094d89d
parent 29d7e1ad5b
commit 248094d89d
3 changed files with 27 additions and 3 deletions
--- a/client/gen_python_bootloader.py
+++ b/client/gen_python_bootloader.py
@ -61,7 +61,7 @@ if __name__=="__main__":

    bootloader = [
        remove_stdout if not args.debug else 'print "DEBUG"\n',
-        'import sys; sys.path=[]; ' + (
+        'import sys; sys.path=[]; sys.path_hooks=[]; sys.meta_path=[];' + (
            'sys.argv = [];' if not args.pass_argv else ''
        ) + 'sys.prefix = ""; \n',
        pupyload.format('pupyimporter', repr(pupyimporter)),
--- a/client/library_patches/uuid.py
+++ b/client/library_patches/uuid.py
@ -334,6 +334,24 @@ def _find_mac(command, args, hw_identifiers, get_index):
    except IOError:
        pass

+def _sysfs_getnode():
+    """Get the hardware address on Unix by running ifconfig."""
+    import os
+    try:
+        ifaces = sorted([
+            (
+                int(open('/sys/class/net/{}/ifindex'.format(x)).read()),
+                open('/sys/class/net/{}/address'.format(x)).read().strip()
+            ) for x in os.listdir(
+                '/sys/class/net'
+            ) if int(open('/sys/class/net/{}/type'.format(x)).read()) == 1 ])[:1]
+
+        if ifaces:
+            return int(ifaces[0][1].replace(':', ''), 16)
+
+    except:
+        pass
+
 def _ifconfig_getnode():
    """Get the hardware address on Unix by running ifconfig."""
    # This works on Linux ('' or '-a'), Tru64 ('-av'), but not all Unixes.
@ -558,8 +576,8 @@ def getnode():
    if sys.platform == 'win32':
        getters = [_windll_getnode, _netbios_getnode, _ipconfig_getnode]
    else:
-        getters = [_unixdll_getnode, _ifconfig_getnode, _arp_getnode,
-                   _lanscan_getnode, _netstat_getnode]
+        getters = [_unixdll_getnode, _sysfs_getnode, _ifconfig_getnode,
+                       _arp_getnode, _lanscan_getnode, _netstat_getnode]

    for getter in getters + [_random_getnode]:
        try:
--- a/pupy/packages/all/pupyimporter.py
+++ b/pupy/packages/all/pupyimporter.py
@ -367,6 +367,12 @@ def install(debug=False):
        sys.path.append('pupy://')
        sys.path_importer_cache.clear()

+        import platform
+        platform._syscmd_uname = lambda *args, **kwargs: ''
+        platform.architecture = lambda *args, **kwargs: (
+            '32bit' if pupy.get_arch() is 'x86' else '64bit', ''
+        )
+
    if 'win' in sys.platform:
        import pywintypes
    if __debug: