
Sandboxing libraries

 
 
Dominik Werder
 
      08-22-2004
Hello!

In my program I am trying to allow any user to write their own code
(event handlers here) to be loaded and included automatically.

To enhance security, can I prevent the author from using specific
functions like eval, exec, File.* and so on?

If I can, is it then secure? My goal is to let the author only write
handler functions that return something, but he must not, for example,
modify the system classes, write files, do networking and things like
that.

Thanks for suggestions!

Dominik
 
ts
 
      08-22-2004
>>>>> "D" == Dominik Werder <(E-Mail Removed)> writes:

D> To enhance security, can I prevent the author to use specific
D> functions like eval, exec, File.* and so on?

Look at $SAFE


Guy Decoux




 
zuzu
 
      08-22-2004
On Sun, 22 Aug 2004 21:05:48 +0900, Dominik Werder <(E-Mail Removed)> wrote:
> Hello!
>
> In my program I try to allow any user to write own code (event handler
> here) to be loaded and included automatically.
>
> To enhance security, can I prevent the author to use specific
> functions like eval, exec, File.* and so on?
>
> If I can, is it then secure? My goal is to let the author only write
> handler functions that return something but he must not for example
> modify the system classes, write files, do network and something like
> that..
>
> Thanks for suggestions!
>
> Dominik



Check out the capability security model.
http://www.erights.org/elib/capability/index.html
http://www.skyhunter.com/marcs/capab...tro/index.html

'from objects to capabilities':
http://www.erights.org/elib/capabili...abilities.html

peace,
-z


 
klaus schilling
 
      08-24-2004
ts writes:
> >>>>> "D" == Dominik Werder <(E-Mail Removed)> writes:
>
> D> To enhance security, can I prevent the author to use specific
> D> functions like eval, exec, File.* and so on?
>
> Look at $SAFE


Is that like Perl's Safe module, with configurable departments
for evaluation?

Klaus Schilling


 
David Ross
 
      08-24-2004
This is one area I would like to see improve. I think
there should be support to limit memory, processes,
threads, etc.

SAFE provides limited restrictions.



--- klaus schilling <(E-Mail Removed)> wrote:

> ts writes:
> > >>>>> "D" == Dominik Werder <(E-Mail Removed)> writes:
> >
> > D> To enhance security, can I prevent the author to use specific
> > D> functions like eval, exec, File.* and so on?
> >
> > Look at $SAFE
>
> is that like perl's Safe module, with configurable departments
> for evaluation ?
>
> Klaus Schilling

----------------------------------------
-- Name: David Ross
-- Phone: 865.539.3798
-- Email: drossruby [at] yahoo [dot] com
----------------------------------------



ts
 
      08-24-2004
>>>>> "D" == David Ross <(E-Mail Removed)> writes:

D> This is one area I would like to see improve. I think
D> there should be support to limit memory, processes,
D> threads, etc.

These are OS things and must be done at OS level


Guy Decoux



 
ts
 
      08-24-2004
>>>>> "k" == klaus schilling <(E-Mail Removed)> writes:

k> is that like perl's Safe module, with configurable departments
k> for evaluation ?

I don't know Safe


Guy Decoux





 
David Ross
 
      08-24-2004
These are things that *could* be built-in features as
well. It would be nice to set limits without running
external commands.

--- ts <(E-Mail Removed)> wrote:

> >>>>> "D" == David Ross <(E-Mail Removed)> writes:
>
> D> This is one area I would like to see improve. I think
> D> there should be support to limit memory, processes,
> D> threads, etc.
>
> These are OS things and must be done at OS level
>
>
> Guy Decoux


----------------------------------------
-- Name: David Ross
-- Phone: 865.539.3798
-- Email: drossruby [at] yahoo [dot] com
----------------------------------------



Dominik Werder
 
      08-25-2004
> D> To enhance security, can I prevent the author to use specific
> D> functions like eval, exec, File.* and so on?
>
> Look at $SAFE


So I can load external code which can't modify anything else but
itself.

But how can I prevent the code from reading all files?
Docs say only "Can't load a file from a world-writable directory."

And how can I remove any function I do not want from the wrapping
environment while I myself am still able to use them?

Or is it already done by using anonymous modules? If yes, how? I couldn't
understand this.

thanks!
Dominik
 
ts
 
      08-26-2004
>>>>> "D" == Dominik Werder <(E-Mail Removed)> writes:

D> Or is already done by using anonymous modules? If yes, how? I couldn't
D> understand this

It really depends on what you want to do, which is why it's difficult to
give a general response. A stupid example:

svg% cat b.rb
#!/usr/bin/ruby
file = "#{ENV['HOME']}/c.rb"
begin
  Thread.new do
    $SAFE = 4
    load(file, true)
  end.join
rescue
  p $!
end

load(file)
svg%

svg% cat c.rb
#!/usr/bin/ruby
system("echo hello")
svg%

svg% b.rb
#<SecurityError: Insecure operation - system>
hello
svg%



Guy Decoux
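
The OS-level limits Guy Decoux refers to can be set from Ruby itself with Process.setrlimit in a forked child, which is also the practical route now that $SAFE level 4 has been removed from Ruby (since 2.1). This is an added example, not code from anyone in the thread; run_limited, LIMITS and MAX_REPLY are hypothetical names and the limit values are constructed.

```ruby
require "json"

# Constructed limits for this example; tune them per deployment.
LIMITS = {
  Process::RLIMIT_CPU => 1,        # seconds of CPU time, not wall-clock time
  Process::RLIMIT_AS  => 1 << 31,  # bytes of address space (2 GiB)
}.freeze
MAX_REPLY = 4096 # bytes accepted back from the child

# Hypothetical helper: evaluate untrusted handler source in a forked child
# that first lowers its own limits, and return [status, value] to the caller.
def run_limited(source, wall: 3)
  r, w = IO.pipe
  pid = fork do
    r.close
    reply = begin
      LIMITS.each do |res, want|
        cap = [want, Process.getrlimit(res)[1]].min # cannot exceed hard limit
        Process.setrlimit(res, cap, cap)
      end
      JSON.generate({ "ok" => Object.new.instance_eval(source) })
    rescue Exception => e # SyntaxError, NoMemoryError, SystemExit, ...
      JSON.generate({ "error" => e.class.name })
    end
    w.write(reply)
    exit!(0) # skip at_exit hooks inherited from the parent
  end
  w.close
  # RLIMIT_CPU does not stop a handler that sleeps, so the parent also
  # enforces a wall-clock deadline before reading at most MAX_REPLY bytes.
  ready = IO.select([r], nil, nil, wall)
  data = ready ? r.read_nonblock(MAX_REPLY, exception: false) : nil
  Process.kill("KILL", pid) # no effect if the child has already exited
  Process.wait(pid)
  r.close
  # Parse the reply as JSON, never Marshal.load: the child is untrusted.
  reply = data.is_a?(String) ? JSON.parse(data) : nil
  reply = {} unless reply.is_a?(Hash)
  return [:ok, reply["ok"]] if reply.key?("ok")
  return [:error, reply["error"]] if reply.key?("error")
  [:no_reply, nil]
rescue JSON::ParserError
  [:no_reply, nil]
end
```

This limits resources only: the handler can still read files and open sockets, which needs OS-level controls such as a dedicated unprivileged user or a container.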


 