spyce provides Python bindings for FreeBSD's Capsicum sandboxing framework.
It uses cffi, so it works with CPython 2 & 3 as well as PyPy.
spyce currently provides the following:
cap_rights_limit(2)/cap_rights_get(3), and all of rights(4):
from spyce import Rights, getFileRights, CAP_READ, CAP_SEEK
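with open('somefile', 'rb') as f:
    # Read the descriptor's current capability rights before narrowing them.
    originalRights = getFileRights(f)
    # NOTE(review): `&` is presumably a set intersection, so this passes when
    # at least one of CAP_READ / CAP_SEEK is held; use a stricter comparison if
    # both are required. `assert` is also stripped under `python -O`, so do not
    # rely on it as the only check in production code.
    assert originalRights & {CAP_READ, CAP_SEEK}
    # cap_rights_limit(2) can only narrow a descriptor's rights, never widen
    # them again, so limit to the minimum set the following code needs.
    Rights([CAP_READ, CAP_SEEK]).limitFile(f)
    # do some stuff!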
from spyce import FcntlRights, getFileFcntlRights, CAP_FCNTL_GETFL
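with open('somefile', 'rb') as f:
    # Read which fcntl commands the descriptor currently permits.
    originalFcntlRights = getFileFcntlRights(f)
    # `assert` is stripped under `python -O`; use an explicit check where the
    # result matters.
    assert CAP_FCNTL_GETFL in originalFcntlRights
    # From here on only the fcntl commands covered by CAP_FCNTL_GETFL are
    # permitted on this descriptor; the limit can be narrowed further but not
    # widened.
    FcntlRights([CAP_FCNTL_GETFL]).limitFile(f)
    # do some stuff!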
from spyce import IoctlRights, getFileIoctlRights, CAP_IOCTLS_ALL
from termios import FIOCLEX
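with open('somefile', 'rb') as f:
    # Read the descriptor's current ioctl allow-list.
    originalIoctlRights = getFileIoctlRights(f)
    # allIoctls is expected to be true on a descriptor that has not been
    # limited yet, i.e. every ioctl command is still allowed.
    assert originalIoctlRights.allIoctls
    # Replace "all ioctls" with an explicit allow-list holding only FIOCLEX;
    # the list can be narrowed further afterwards but not widened.
    IoctlRights([FIOCLEX]).limitFile(f)
    # do some stuff!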
All limitFile methods accept either an object with a .fileno() method or an integer file descriptor.