Restricting access to CLR functionality in Alternet IronPython script

Hi,

We have recently added scripting functionality to our product using Alternet with Iron Python. Within the script editor the user is able to access the System module and .NET CLR functions.

Is there a way to restrict what is available to the user in the script editor? Specifically we would want to at least remove access to anything within the System namespace.

Thanks,

Hamish

Hi Hamish,

If you’d like to limit IronPython parser code completion to not show types from the system namespaces, you just need to remove these namespaces from CodeEnvironment.Imports.

Please modify PythonParser quick start project in Alternet.Studio.AllDemos.IronPython solution like this:

        var imports = new List<string>();

        //imports.Add("System");
        //imports.Add("System.Drawing");
        //imports.Add("System.Windows.Forms");


        codeEnvironment = new CodeEnvironment(null, paths, imports, null, Alternet.Common.TechnologyEnvironment.System);
        pythonParser.CodeEnvironment = codeEnvironment;

then the code completion will not display any System types.

Please let me know if this is what you’re looking for.

Kind regards,
Dmitry

Hi Dmitry,

Thanks for the reply,

I’d actually like to prevent the end user from being able to call anything from the System namespace within the IronPython parser.

We don’t import any System namespace functions into our code environment and after initialising a codeEnviroment without the Alternet.Common.TechnologyEnvironment.System param, I am still able to access CLR functions from the System namespace.

Is this by default included in the parser or can it be disabled?

Hi Hamish,

Thank you for the clarification. So far, it looks like System and mscorlib are always part of the IronPython clr module, even if they’re not added explicitly via references/imports.

We will dig into it a bit further, and I will let you know about our findings.

Kind regards,
Dmitry

Hi Dmitry,

Thanks for looking into that, that confirms our investigation into it also. Sanitising our inputs to the IronPython parser looks like the way to go for the moment.

Thanks,
Hamish

Hi Hamish,

We looked at it a bit further; Python runtime has the option NoDefaultReferences, which suppresses adding mscorlb and System assemblies by default.

Below is the relevant code, which shows how to create a descendant ScriptRun class that turns this option on.

internal class MyScriptHost : Alternet.Scripter.IronPython.IronPythonScriptHost
{
    public MyScriptHost(IScriptRun scriptRun)
        : base(scriptRun)
    {
    }

    protected ScriptRuntimeSetup CreateRuntimeSetup(IDictionary<string, object> options)
    {
        ScriptRuntimeSetup setup = new ScriptRuntimeSetup();
        setup.LanguageSetups.Add(Python.CreateLanguageSetup(options));

        if (options != null)
        {
            foreach (var option in options)
            {
                setup.Options.Add(option);
            }

            object value;
            if (options.TryGetValue("Debug", out value) && value is bool && (bool)value)
            {
                setup.DebugMode = true;
            }

            if (options.TryGetValue("PrivateBinding", out value) && value is bool && (bool)value)
            {
                setup.PrivateBinding = true;
            }
        }

        return setup;
    }

    protected ScriptRuntime CreateRuntime(IDictionary<string, object> options)
    {
        return new ScriptRuntime(CreateRuntimeSetup(options));
    }

    protected override ScriptEngine CreateEngine()
    {
        return Python.GetEngine(CreateRuntime(new Dictionary<string, object> { { "Debug", true }, { "PrivateBinding", true }, { "NoDefaultReferences", true } }));
        //return Python.CreateEngine(new Dictionary<string, object> { { "Debug", true }, { "PrivateBinding", true }, { "NoDefaultReferences", true } }); // would be nice if it worked, but it does not 
    }
}

Please also note that you need to ensure there’s no System/mscorlib in the References property and ReferencedFrameworks is set to none.

        scriptRun1.ScriptSource.References.Clear();
        scriptRun1.ScriptSource.ReferencedFrameworks = Alternet.Common.DotNet.Framework.None;

In my tests, these modifications disable using System types in the IronPython script,
unless the user explicitly adds them into the script code like this:

clr.AddReference(“mscorlib”)
clr.AddReference(“System”)
import System
...

Kind regards,
Dmitry

Thanks Dmitry, we’ll try implementing this and see how we go.
Appreciate the assistance