@@ -29,7 +29,7 @@ def __init__(self, sandbox=False):
2929 else :
3030 self .sandbox_path = os .path .join (PROJECT_DIR , 'data' , 'sandbox' )
3131 self .user = None
32- self .sandbox_so_path = f'{ self .sandbox_path }
32+ self .sandbox_so_path = f'{ self .sandbox_path } lib/ sandbox.so'
3333 self .process_timeout_seconds = int (CONFIG .get ("SANDBOX_PYTHON_PROCESS_TIMEOUT_SECONDS" , '3600' ))
3434 try :
3535 self ._init_dir ()
@@ -60,10 +60,9 @@ def _init_dir(self):
6060 tmp_dir_path = os .path .join (self .sandbox_path , 'tmp' )
6161 os .makedirs (tmp_dir_path , 0o700 , exist_ok = True )
6262 os .system (f"chown -R { self .user } { tmp_dir_path } )
63- if os .path .exists (self .sandbox_so_path ):
64- os .chmod (self .sandbox_so_path , 0o440 )
6563 # 初始化sandbox配置文件
66- sandbox_conf_file_path = f'{ self .sandbox_path }
64+ sandbox_lib_path = os .path .dirname (self .sandbox_so_path )
65+ sandbox_conf_file_path = f'{ sandbox_lib_path }
6766 if os .path .exists (sandbox_conf_file_path ):
6867 os .remove (sandbox_conf_file_path )
6968 allow_subprocess = CONFIG .get ("SANDBOX_PYTHON_ALLOW_SUBPROCESS" , '0' )
@@ -75,7 +74,7 @@ def _init_dir(self):
7574 with open (sandbox_conf_file_path , "w" ) as f :
7675 f .write (f"SANDBOX_PYTHON_BANNED_HOSTS={ banned_hosts } \n " )
7776 f .write (f"SANDBOX_PYTHON_ALLOW_SUBPROCESS={ allow_subprocess } \n " )
78- os .chmod ( sandbox_conf_file_path , 0o440 )
77+ os .system ( f"chmod -R g-wx { sandbox_lib_path } "
7978
8079 def exec_code (self , code_str , keywords ):
8180 _id = str (uuid .uuid7 ())
0 commit comments