Kevin Brown wrote: > On Saturday 08 October 2005 09:09, James Britt wrote: > >>aurelianito wrote: >> >>>Hello! >>>It's my (Aureliano) again. >>> >>>I'm trying to implement something similar to the Java Security Manager >>>for Ruby. The project is currently in prealpha stage at rubyforge >>>(http://securedruby.rubyforge.org). >> >>If detecting malicious code is essentially impossible, would it be a >>reasonable alternative to compile a version of Ruby that simply could >>not do Bad Things? Change or remove all methods of potential evil. No >>'system', no file manipulation, no 'dl', that sort of thing. Then >>execute all foreign code in this sandboxed version. > > > Thread.new do > $SAFE = 4 > # Do what you want > end > > Sandboxed and all. Guaranteed? James