fix: set environment variables for banned hosts and preload library in sandbox execution

Author: liuruibin

apps/common/utils/tool_code.py

@@ -54,8 +54,6 @@ def exec_code(self, code_str, keywords):
     path_to_exclude = ['/opt/py3/lib/python3.11/site-packages', '/opt/maxkb-app/apps']
     sys.path = [p for p in sys.path if p not in path_to_exclude]
     sys.path += {python_paths}
-    os.environ['MAXKB_SANDBOX_PYTHON_BANNED_HOSTS'] = '{self.banned_hosts}'
-    os.environ['LD_PRELOAD'] = '/opt/maxkb-app/sandbox/sandbox.so'
     locals_v={'{}'}
     keywords={keywords}
     globals_v=globals()
@@ -162,8 +160,6 @@ def generate_mcp_server_code(self, code_str, params):
 path_to_exclude = ['/opt/py3/lib/python3.11/site-packages', '/opt/maxkb-app/apps']
 sys.path = [p for p in sys.path if p not in path_to_exclude]
 sys.path += {python_paths}
-os.environ['MAXKB_SANDBOX_PYTHON_BANNED_HOSTS'] = '{self.banned_hosts}'
-os.environ['LD_PRELOAD'] = '/opt/maxkb-app/sandbox/sandbox.so'
 exec({dedent(code)!a})
 """
 
@@ -202,7 +198,10 @@ def _exec_sandbox(self, _code, _id):
             file.write(_code)
             os.system(f"chown {self.user}:root {exec_python_file}")
         kwargs = {'cwd': BASE_DIR}
-        kwargs['env'] = {}
+        kwargs['env'] = {
+            'LD_PRELOAD': '/opt/maxkb-app/sandbox/sandbox.so',
+            'MAXKB_SANDBOX_PYTHON_BANNED_HOSTS': self.banned_hosts,
+        }
         subprocess_result = subprocess.run(
             ['su', '-s', python_directory, '-c', "exec(open('" + exec_python_file + "').read())", self.user],
             text=True,