On Mon, Dec 28, 2009 at 9:41 AM, andrew mcelroy <sophrinix / gmail.com> wrote:
> You may want to take a look at why_sandbox if you are on 1.8 MRI ruby.
>

That's actually what I found first, but I'd like my app to be ruby
1.8.7 compatible... it looked like that required a patched version of
1.8.6?  I also looked into jruby which appeared to have a similar
feature in the mainstream distribution, but I couldn't get it to
work...

>
> Not a bad start.
>
> When I tried to use a collection to contain malicious code in Try
> Ruby, I had my rear end handed to me.
> It was about as secure as allowing a printer to read and write to your
> password file.
>
> Also, it was slow. There are a lot of dirty ways to execute system commands.
>
> $SAFE isn't used all that often anymore, but it may help in your case.
>
Yeah, setting $SAFE to 3 stopped every attempt at executing system
commands that I tried.  I wanted to set it to 4, but that proved to be
too restrictive.  Due to the nature of my program, it was possible to
create scripts that ran at a lower safe level if the safe level was
set to 3 alone, so I hope that keeping people out of all classes
except some whitelisted ones will solve that problem.

Thanks for the reply!


Is there a way in ruby of calling up a class without the constant that
refers to it being accessible?  If so, that would blow a big hole in
my method here...

-Jonathan Nielsen