poetry-restrict-plugin

This Poetry plugin aims to restrict Poetry's allowed accesses to what it needs to fulfill its function. The goal is to apply the principle of least privilege to our development tooling.

Motivation

What's the worst thing that could happen if you install a malicious Python dependency on your computer? Which information could it gather from your files, and how could it make itself a permanent home on your computer?

With poetry-restrict-plugin, that looks as follows:

$ poetry run cat ~/.ssh/config
poetry-restrict-plugin: Landlocked & unshared.
cat: /home/jc/.ssh/config: Permission denied
$ poetry run ls ~/.ssh
poetry-restrict-plugin: Landlocked & unshared.
ls: cannot open directory '/home/jc/.ssh': Permission denied

Installation

poetry-restrict-plugin is currently only supported on Linux with the Landlock LSM enabled. It also requires user namespacing to be enabled.
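
A preflight check for those two requirements, added here as an example and not part of the plugin's own code. The function names are hypothetical; the paths are the standard kernel interfaces, and `unprivileged_userns_clone` is assumed to exist only on Debian-derived kernels.

```python
from __future__ import annotations
import ctypes
from pathlib import Path

SYS_LANDLOCK_CREATE_RULESET = 444    # syscall number on x86_64 and arm64
LANDLOCK_CREATE_RULESET_VERSION = 1  # flag: only report the ABI version

def lsm_lists_landlock(lsm_csv: str) -> bool:
    """True if 'landlock' is among the active LSMs (/sys/kernel/security/lsm)."""
    return "landlock" in [name.strip() for name in lsm_csv.split(",")]

def userns_allowed(max_user_namespaces: str, unprivileged_clone: str | None) -> bool:
    """Interpret the sysctls that gate unprivileged user namespaces."""
    if int(max_user_namespaces.strip()) <= 0:
        return False
    # unprivileged_userns_clone is a Debian/Ubuntu knob; None means it is absent.
    return unprivileged_clone is None or unprivileged_clone.strip() != "0"

def landlock_abi_version() -> int:
    """Ask the kernel for its Landlock ABI version; 0 means unavailable."""
    libc = ctypes.CDLL(None, use_errno=True)
    libc.syscall.restype = ctypes.c_long
    rc = libc.syscall(ctypes.c_long(SYS_LANDLOCK_CREATE_RULESET), None,
                      ctypes.c_size_t(0),
                      ctypes.c_uint32(LANDLOCK_CREATE_RULESET_VERSION))
    return rc if rc > 0 else 0  # -1: not built in, or not enabled at boot

def _read(path: str) -> str | None:
    try:
        return Path(path).read_text()
    except OSError:
        return None

def preflight() -> dict[str, bool]:
    """Run all checks against the live kernel."""
    return {
        "landlock listed in active LSMs":
            lsm_lists_landlock(_read("/sys/kernel/security/lsm") or ""),
        "landlock syscall answers (ABI >= 1)": landlock_abi_version() >= 1,
        "unprivileged user namespaces": userns_allowed(
            _read("/proc/sys/user/max_user_namespaces") or "0",
            _read("/proc/sys/kernel/unprivileged_userns_clone")),
    }

if __name__ == "__main__":
    for check, ok in preflight().items():
        print(f"{'ok  ' if ok else 'FAIL'} {check}")
```

A kernel can have Landlock compiled in without it being in the active LSM list, which is why the list and the syscall are checked separately.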

Installation depends on how you installed Poetry. With pipx:

pipx inject poetry poetry-restrict-plugin

Alternatively, you can install it with poetry self add:

poetry self add poetry-restrict-plugin

See poetry self add --help for more options for installation, including installing development versions.

For other installation methods, see the Poetry plugin documentation.

Usage

The plugin will automatically run whenever you invoke poetry. If you run into an error with it and need an escape hatch, you can re-run your command with the environment variable POETRY_NO_RESTRICT=1 set.

Development

Please send patches to me by e-mail.

Disclaimer

poetry-restrict-plugin is not a perfect sandbox, and probably never will be. If you're looking for something like that, nsjail might be interesting for you.

License

poetry-restrict-plugin is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

poetry-restrict-plugin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with poetry-restrict-plugin; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.