security: fix reverse shell vulnerability in function library.

Author: liqiang-fit2cloud

apps/common/util/function_code.py

@@ -88,7 +88,7 @@ def _exec_sandbox(self, _code, _id):
             os.system(f"chown {self.user}:{self.user} {exec_python_file}")
         kwargs = {'cwd': BASE_DIR}
         subprocess_result = subprocess.run(
-            ['su', '-c', python_directory + ' ' + exec_python_file, self.user],
+            ['su', '-s', python_directory, '-c', "exec(open('" + exec_python_file + "').read())", self.user],
             text=True,
             capture_output=True, **kwargs)
         os.remove(exec_python_file)

installer/Dockerfile

@@ -70,7 +70,7 @@ RUN chmod 755 /opt/maxkb/app/installer/run-maxkb.sh && \
     useradd --no-create-home --home /opt/maxkb/app/sandbox sandbox -g root && \
     chown -R sandbox:root /opt/maxkb/app/sandbox && \
     chmod g-x /usr/local/bin/* /usr/bin/* /bin/* /usr/sbin/* /sbin/* /usr/lib/postgresql/15/bin/* && \
-    chmod g+x /usr/local/bin/python* /bin/sh
+    chmod g+x /usr/local/bin/python*
 
 EXPOSE 8080