Restricting file access in Ruby

Hey, I don't know if this is a subject that's been beat to death or not as
I'm new to the group, but I wanted to ask whether anyone's extended Ruby to
allow scripts to (dis)allow access to files based on some sort of user
defined mechanism.

I'm writing an application that will allow individual users to write (and
execute) their own Ruby scripts within a confined subtree of my filesystem,
and I want to basically add checks to any function that accesses files,
whether through the File class, or the Dir class, or whatever. The users
in my system are not all trusted equally, and I want to grant varying
degrees of privilege to each. I also want to restrict access to sockets
and other I/O mechanisms, but that's easier to do since all I have to do is
not make the library available.

I've been reading through the code in the ruby-1.8.2 source tree, and I'm
learning how it's all tied together. I guess my question is where to put
my checks. Also, I feel funny even suggesting this because it seems to go
against everything I've read about Ruby making things less complicated and
bloated.

Anyway, flames or comments are appreciated.

-John

John Allen wrote:

Hey, I don't know if this is a subject that's been beat to death or not as
I'm new to the group, but I wanted to ask whether anyone's extended Ruby to
allow scripts to (dis)allow access to files based on some sort of user
defined mechanism.

[...]

I've been reading through the code in the ruby-1.8.2 source tree, and I'm
learning how it's all tied together. I guess my question is where to put
my checks. Also, I feel funny even suggesting this because it seems to go
against everything I've read about Ruby making things less complicated and
bloated.

I'd suggest using $SAFE and having a custom interface for doing IO that goes through your special privilege checks. But you might be right in that patching Ruby for this would make security breaches less likely.
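The "custom interface for doing IO" half of that suggestion, as an added example that is not from this thread: a per-user gate that canonicalises every path (resolving ".." and symlinks) and refuses anything outside the caller's subtree or beyond their granted modes. It targets a current Ruby rather than 1.8.2, does not use $SAFE, and the class, method and directory names are made up for the illustration.

```ruby
# Added example: confine a user's file access to one subtree with per-mode privileges.
require "tmpdir"
require "fileutils"

class AccessDenied < StandardError; end

class ConfinedIO
  # root: the user's subtree; allowed: which of :read / :write this user gets.
  def initialize(root, allowed: [:read])
    @root = File.realpath(root) # canonical absolute path, symlinks resolved
    @allowed = allowed
  end

  # Map `path` into the root and reject anything that escapes it. Relative
  # "..", absolute paths and symlinks pointing outside are all caught because
  # the comparison is done on the resolved real path, not the user's string.
  def resolve(path)
    candidate = File.expand_path(path, @root)
    existing = candidate
    existing = File.dirname(existing) until File.exist?(existing)
    # realpath needs an existing file, so resolve the deepest existing ancestor
    # and re-attach the not-yet-created remainder (for files about to be written).
    real = File.realpath(existing) + candidate[existing.length..-1]
    inside = real == @root || real.start_with?(@root + File::SEPARATOR)
    raise AccessDenied, "#{path} is outside #{@root}" unless inside
    real
  end

  # Drop-in replacement for File.open that enforces both checks.
  def open(path, mode = "r", &block)
    need = (mode.start_with?("r") && !mode.include?("+")) ? :read : :write
    raise AccessDenied, "#{need} not permitted" unless @allowed.include?(need)
    File.open(resolve(path), mode, &block)
  end
end

# Exercises the gate in a constructed temp layout; returns the outcomes.
def demo
  Dir.mktmpdir do |base|
    home = File.join(base, "alice")
    FileUtils.mkdir_p(home)
    File.write(File.join(base, "secret.txt"), "outside the subtree")
    File.symlink(File.join(base, "secret.txt"), File.join(home, "sneaky"))
    writer = ConfinedIO.new(home, allowed: [:read, :write])
    reader = ConfinedIO.new(home) # read-only user
    writer.open("notes.txt", "w") { |f| f.write("hello") }
    { read: reader.open("notes.txt") { |f| f.read },
      dotdot: denied { reader.open("../secret.txt") },
      symlink: denied { reader.open("sneaky") },
      readonly_write: denied { reader.open("notes.txt", "w") { } } }
  end
end

def denied
  yield
  false
rescue AccessDenied
  true
end

p demo if $PROGRAM_NAME == __FILE__
```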

John Allen wrote:

Hey, I don't know if this is a subject that's been beat to death or not as
I'm new to the group, but I wanted to ask whether anyone's extended Ruby to
allow scripts to (dis)allow access to files based on some sort of user
defined mechanism.

This is what users and permissions at the OS level are good for; I think it will be _very_ hard to implement it in ruby.

Andreas Schwarz wrote:

John Allen wrote:

Hey, I don't know if this is a subject that's been beat to death or not as
I'm new to the group, but I wanted to ask whether anyone's extended Ruby to
allow scripts to (dis)allow access to files based on some sort of user
defined mechanism.

This is what users and permissions at the OS level are good for; I think it will be _very_ hard to implement it in ruby.

I concur with Andreas, this isn't necessarily the job for ruby to be doing, nor your scripts. It adds unnecessary complexities to a problem ruby shouldn't be solving anyway. Let your OS do this. It will save you from headache.

Zach