I'd like a sandbox that simply disallows system calls, like creating files etc, so that anybody can supply some code that can be eval-ed within the sandbox, with no known potential for harm.
I know about safe levels, but I googled it and there was some discussion about how there were ways to thwart that. I also found this, which seems quite nice: http://github.com/tario/shikashi
But I have yet to get that working. Are there any other ways to go about this? Perhaps there are other ways in JRuby? I'd just like to allow the sort of operations you'd need for most algorithms, so all the usual methods of arrays, numbers, hashes and strings basically, and perhaps some selected custom classes. It would also probably be nice if you could somehow limit the memory/cpu taken up by the code in the sandbox, if that's at all possible.
_________________________________________________________________
The New Busy is not the old busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_3
Update: I found a replacement for why's old freaky sandbox that works with jruby: http://flouri.sh/2009/4/4/how-to-set-up-the-jruby-sandbox
Still not sure how to account for memory consumption/cpu, but I'm guessing there may be some JVM configuration setting that can do something about that. And a simple timeout for infinite or lengthy loops is good enough for my case.
It would be pretty simple to assemble a JVM security policy file and apply it to a JRuby run. You can disallow all filesystem access or access to specific locations, and a lot more. I've thought about trying to explicitly define some policies for the same things Ruby safe levels give you, but in general it's not that hard to put together a sandboxed JVM running JRuby.
On Fri, Jul 23, 2010 at 2:07 AM, Ehsanul Hoque <ehsanul_g3@hotmail.com> wrote:
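Putting the JVM policy suggestion in this reply together with the timeout and JVM memory setting mentioned in the update, as an added example that is not code from the thread, JRuby or shikashi: the script below writes a deny-by-default policy file and a Ruby runner with a wall-clock Timeout, then launches jruby with -J-Djava.security.manager and an -Xmx heap cap. The JRuby install path, the sandbox directory and the exact permission set JRuby needs to boot are assumptions to confirm against the AccessControlException messages a real run reports.

```shell
#!/bin/sh
# Added example, not code from the thread, JRuby or shikashi. Assumptions: JRuby is
# under $JRUBY_HOME, guest scripts and a scratch dir sit under $SANDBOX_DIR, and the
# permission list is a starting point to confirm against the AccessControlException
# messages a real JRuby start reports (add one permission at a time).

# One global grant: the SecurityManager only sees Java frames, and the interpreter
# and the guest script both execute from JRuby's own jar, so a policy cannot tell
# them apart. Anything absent here (file writes, sockets, exec, delete) is denied.
write_policy() {   # write_policy POLICY_FILE JRUBY_HOME SANDBOX_DIR
  cat >"$1" <<EOF
grant {
  permission java.io.FilePermission "$2/-", "read";
  permission java.io.FilePermission "$3/-", "read";
  permission java.util.PropertyPermission "*", "read";
  permission java.lang.RuntimePermission "createClassLoader";
  permission java.lang.RuntimePermission "getClassLoader";
  permission java.lang.RuntimePermission "accessDeclaredMembers";
};
EOF
}
# Wrapper run inside the sandboxed JVM: a wall-clock limit for runaway loops.
write_runner() {   # write_runner RUNNER_FILE
  cat >"$1" <<'EOF'
require 'timeout'
code = File.read(ARGV[0])   # guest script must be under SANDBOX_DIR (read grant)
begin
  Timeout.timeout(Integer(ARGV[1] || 5)) { p eval(code, TOPLEVEL_BINDING) }
rescue Timeout::Error
  abort "guest code exceeded the time limit"
end
EOF
}
# Sanity check on a policy before use: no blanket or mutating grants anywhere.
policy_denies_writes() {   # policy_denies_writes POLICY_FILE
  ! grep -Eq 'AllPermission|SocketPermission|"(write|execute|delete)"' "$1"
}
# run_sandboxed GUEST_SCRIPT [SECONDS]: -J passes the options through to the JVM;
# -Xmx bounds the heap, the policy bounds what the code may touch.
run_sandboxed() {
  JRUBY_HOME="${JRUBY_HOME:-/opt/jruby}"; SANDBOX_DIR="${SANDBOX_DIR:-/var/tmp/rb-sandbox}"
  write_policy "$SANDBOX_DIR/sandbox.policy" "$JRUBY_HOME" "$SANDBOX_DIR"
  write_runner "$SANDBOX_DIR/runner.rb"
  policy_denies_writes "$SANDBOX_DIR/sandbox.policy" || return 1
  "$JRUBY_HOME/bin/jruby" -J-Xmx64m -J-Djava.security.manager \
    -J-Djava.security.policy="$SANDBOX_DIR/sandbox.policy" \
    "$SANDBOX_DIR/runner.rb" "$1" "${2:-5}"
}
[ $# -gt 0 ] && run_sandboxed "$@"
```

Run it as `sh sandbox.sh guest.rb 5` with the guest script placed under `$SANDBOX_DIR`; a denied operation surfaces as a java.security.AccessControlException in the JRuby output, which is also how to discover any boot-time permission the policy is still missing.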