Isolated Python on Windows using Sandboxes
It is generally it is a good minimise the trust given to any particular piece software, and this especially applies when using a diverse set of packages prepared by many different organisations and individual community members. Here are notes on completely isolating Python and any needed selection of pip-installable packages.
A two stage processes is needed:
- First an isolated environment with network access to download the required Python packages. NB this environment has no access to any local data
- Subsequently an isolated environment without network access but with access to selected local data and to selected local software
Bot stages are easily implemented using Windows sanboxes.
Downloading software
I use a sandbox file as follows (save the file with .wsb extension
and then it can be executed with a double click):
<Configuration>
<MemoryInMB>8000</MemoryInMB>
<MappedFolders>
<MappedFolder>
<HostFolder>C:\Users\bojan\soft\incoming</HostFolder>
<SandboxFolder>C:\Users\WDAGUtilityAccount\soft</SandboxFolder>
</MappedFolder>
</MappedFolders>
</Configuration>
The after starting this sandbox, install python:
cd soft
wget https://www.python.org/ftp/python/3.12.1/python-3.12.1-amd64.exe -OutFile python-3.12.1-amd64.exe
.\python-3.12.1-amd64.exe /passive TargetDir=c:\python Shortcuts=0 Include_debug=0 Include_launcher=0 Include_tcltk=0
Final step is to download all the packages and their needed
dependencies using the pip download command. For example, to
download all the packages to develop in Python using jupyter
notebooks use this command:
cd ~\soft
C:\python\Scripts\pip download jupyter -d .
Or if you have a requirements.txt file, copy it to the sandbox and then use:
cd ~\soft
C:\python\Scripts\pip download -r requirements.txt -d .
Consolidate
The software is now in C:\Users\bojan\soft\incoming . Now,
shutdown the sandbox and in the normal windows desktop copy the
downloaded software to a consolidated repo, e.g., :
C:\Users\bojan\soft\main.
Development environment
Now can easily start the development environment. If the necessary
data are in C:\Users\bojan\data\proj1 make them available read-only
to the sandbox, while the code being developed is in
C:\Users\bojan\source\repos\proj1 and is writable:
<Configuration>
<Networking>Disable</Networking>
<MemoryInMB>8000</MemoryInMB>
<MappedFolders>
<MappedFolder>
<HostFolder>C:\Users\bojan\soft\main</HostFolder>
<SandboxFolder>C:\Users\WDAGUtilityAccount\soft</SandboxFolder>
<ReadOnly>true</ReadOnly>
</MappedFolder>
<MappedFolder>
<HostFolder>C:\Users\bojan\data\proj1</HostFolder>
<SandboxFolder>C:\Users\WDAGUtilityAccount\data</SandboxFolder>
<ReadOnly>true</ReadOnly>
</MappedFolder>
<MappedFolder>
<HostFolder>C:\Users\bojan\source\repos\proj1</HostFolder>
<SandboxFolder>C:\Users\WDAGUtilityAccount\proj1</SandboxFolder>
</MappedFolder>
</MappedFolders>
</Configuration>
Now start the sandbox and install the software.
cd ~\soft
.\python-3.12.1-amd64.exe /passive TargetDir=c:\python Shortcuts=0 Include_debug=0 Include_launcher=0 Include_tcltk=0 | Out-Null
C:\python\Scripts\pip install jupyter --no-index --find-links .
cd ~\proj1
C:\python\Scripts\jupyter notebook
See this
StackOverflow
regarding | Out-Null.
Conclusion
The described method allows developing and running large Python applications, e.g., for data processing, while reducing various risks. For example the third-party Python packages have no access at all to the network (so data exfiltration is much harder) and have no access at all to the main Windows system except to the carefully specified source-code directory.
Need more help?
Services related to Python software packaging: https://bnikolic.co.uk/2023/05/22/python-ssc