JRuby does support FFI, for calling C libraries, so one approach to
using your existing code would be to write a thin C wrapper and bind
it with FFI.

An alternative would be to write a thin JNI (Java Native Interface)
wrapper and use that from JRuby just like any Java API. The level of
effort would be similar to writing a Ruby C ext.

In any case, keep me posted. If you decide to go with JRuby, perhaps
we can collaborate on coming up with appropriate permissions and
security policies.

- Charlie

On Sun, Dec 18, 2011 at 8:48 PM, Garthy D
<garthy_lmkltybr / entropicsoftware.com> wrote:
>
> Hi Charlie,
>
> I have no real experience with JRuby, although at a glance it might be a
> closer fit with respect to securing running plugins. I might be stuck in
> this regard though as a good chunk of the app is already written, and
> C++-based. The cost of moving across might prove to be too high in my
> particular case, but at the very least it gives me something to explore and
> think about. Thank you for sharing - this is probably not an area I would have
> thought to investigate on my own. :)
>
> Garth
>
>
> On 19/12/11 12:16, Charles Oliver Nutter wrote:
>>
>> On Sun, Dec 18, 2011 at 2:16 AM, Garthy D
>> <garthy_lmkltybr / entropicsoftware.com> wrote:
>>>
>>>
>>> Hi all,
>>>
>>> I am working on an embedded Ruby application that may support user-written
>>> Ruby plugins in the future, and I am trying to get a rough idea as to what
>>> is and isn't possible, as it will affect the design I go with. Basically, if
>>> you've worked on such a thing before, please share your experiences. :)
>>
>>
>> There's a number of folks using JRuby for this, most notably the
>> "Rails for Zombies" online course, which runs JRuby in a sandboxed
>> environment and allows students to run their code directly on the
>> server.
>>
>> I am not a fan of $SAFE at all. I don't trust it, and I don't think
>> anyone else should either. The JVM's security model is far more
>> robust, and works well to secure a JRuby instance. There are many
>> examples of secure JVM-based services running major sites, such as all
>> of the apps deployed to Google AppEngine for Java. I know of no example of
>> anyone running $SAFE mode in Ruby in a real-world setting.
>>
>> I'm also looking to make JRuby's integration with the JVM security
>> model more robust in JRuby 1.7. At the very least, I'd like to have
>> equivalent built-in modes similar to SAFE levels that use JVM security
>> policies to enforce restrictions. Beyond that, I would like a full
>> complement of JVM permissions for Ruby-specific features like
>> evaluating code, reopening classes, and so on. You'll be able to
>> choose a pre-packaged SAFE-like policy, or roll your own.
>>
>> I'd love to see Ruby adopt a real security model. Until then, I'll
>> keep trying to make JRuby utilize the JVM's model better.
>>
>> - Charlie
>>
>
>