Add a security task to ensure task file are protected

tasks/pentest.task

@@ -0,0 +1,10 @@
+{
+    "environment": "python",
+    "taskfs": "pentest.sfs",
+    "limits": {
+        "time": 60,
+        "memory": 32,
+        "disk": 50,
+        "output": 1024
+    }
+}

tasks/pentest/control

@@ -0,0 +1,4 @@
+/task/scripts/preprocess.py
+/task/scripts/generate.py
+!/task/scripts/execute.py
+/task/scripts/feedback.py

tasks/pentest/scripts/execute.py

@@ -0,0 +1,34 @@
+#!/usr/bin/python3
+    # -*- coding: utf-8 -*-
+    # Course: Pentesting
+    # Problem: Access solution file
+    # Execution script
+
+    import sys
+
+    sys.path.append('/task/static')
+    from lib import pythia
+
+    # Redirect stdout and stderr
+    sys.stdout = open('/tmp/work/output/stdout', 'w')
+    sys.stderr = open('/tmp/work/output/stderr', 'w')
+
+    # Try to import student's code
+    sys.path.append('/tmp/work')
+    try:
+      import test1
+    except Exception as e:
+      print(e, file=sys.stderr)
+      sys.exit(0)
+
+    class TaskTestSuite(pythia.TestSuite):
+      def __init__(self):
+        pythia.TestSuite.__init__(self, '/tmp/work/input/data.csv')
+
+      def studentCode(self, data):
+        return test1.getSolutionAttempt()
+
+      def parseTestData(self, data):
+        return data[0]
+
+    TaskTestSuite().run('/tmp/work/output', 'data.res')

tasks/pentest/scripts/feedback.py

@@ -0,0 +1,47 @@
+#!/usr/bin/python3
+    # -*- coding: utf-8 -*-
+    # Course: Apprendre Python
+    # Problem: Nombre de lettres
+    # Feedback script
+
+    import ast
+    import csv
+    import json
+    import os
+    import sys
+
+    sys.path.append('/task/static')
+    from lib import pythia
+
+    import math
+
+    def getSolutionAttempt():
+      return True 
+
+    class TaskFeedbackSuite(pythia.FeedbackSuite):
+      def __init__(self, config):
+        pythia.FeedbackSuite.__init__(self, '/tmp/work/output/stderr', None,
+          '/tmp/work/input/data.csv', '/tmp/work/output/data.res', config)
+
+      def teacherCode(self, data):
+        return getSolutionAttempt()
+
+      def parseTestData(self, data):
+        return data[0]
+
+    # Retrieve task id
+    with open('/tmp/work/tid', 'r', encoding='utf-8') as file:
+    tid = file.read()
+    output = {'tid': tid, 'status': 'failed', 'feedback': {'score': 0}}
+
+    # Read test configuration
+    config = []
+    with open('/task/config/test.json', 'r', encoding='utf-8') as file:
+    content = file.read()
+    config = json.loads(content)
+    config = config['predefined']
+    (verdict, feedback) = TaskFeedbackSuite(config).generate()
+    output['feedback'] = feedback
+    output['status'] = 'success' if verdict else 'failed'
+
+    print(json.dumps(output))

tasks/pentest/scripts/generate.py

@@ -0,0 +1,19 @@
+#!/usr/bin/python3
+    # -*- coding: utf-8 -*-
+    # Course: Pentesting
+    # Problem: Access solution file
+    # Test generation script
+
+    import csv
+    import json
+    import os
+    import sys
+
+    sys.path.append('/task/static')
+    from lib import pythia
+
+    # Read test configuration and generate test data
+    with open('/task/config/test.json', 'r', encoding='utf-8') as file:
+        content = file.read()
+        config = json.loads(content)
+        pythia.generateTestData('/tmp/work/input', 'data.csv', config)

tasks/pentest/scripts/preprocess.py

@@ -0,0 +1,23 @@
+ #!/usr/bin/python3
+    # -*- coding: utf-8 -*-
+    # Course: Pentesting
+    # Problem: Access solution file
+    # Preprocessing script
+
+    import json
+    import sys
+
+    sys.path.append('/task/static')
+    from lib import pythia
+
+    # Setup working directory
+    pythia.setupWorkingDirectory('/tmp/work')
+
+    # Read input data and fill skeleton files
+    data = sys.stdin.read().rstrip('\0')
+    input = json.loads(data)
+    pythia.fillSkeletons('/task/skeleton', '/tmp/work', input['fields'])
+
+    # Save task id
+    with open('/tmp/work/tid', 'w', encoding='utf-8') as file:
+        file.write(input['tid'])

tasks/pentest/skeleton/test1.py

@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+# Course: Apprendre Python
+# Problem: Nombre de lettres
+
+import sys
+
+sys.path.append('/task/static')
+from lib import pythia
+
+def getSolutionAttempt():
+       ''' I check permissions on each scripts using os.access '''
+       teacherFiles = [
+           '/task/scripts/preprocess.py',
+           '/task/scripts/generate.py',
+           '/task/scripts/feedback.py'
+       ]
+
+       for file in teacherFiles:
+           if os.access(file, os.R_OK) or os.access(file, os.X_OK):
+               return False
+
+       return True