Hi,
the Chapter "Locking Ruby in the Safe" says this should
work:
fn = 'dummy.rb'
File.open fn, 'w' do |f|
f.puts 'puts "hello"'
end
Thread.start {
$SAFE = 4
load fn, true
}.join
I get an error:
in `load': Insecure operation `load' at level 4 (SecurityError)
Why?
Thanks in advance.
Bertram
--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-scharpf.de
the Chapter "Locking Ruby in the Safe" says this should
work:fn = 'dummy.rb'
File.open fn, 'w' do |f|
f.puts 'puts "hello"'
end
Thread.start {
$SAFE = 4
load fn, true
}.joinI get an error:
in `load': Insecure operation `load' at level 4 (SecurityError)
Why?
This is the expected behaviour: inside the thread you create you set
the $SAFE level to 4, meaning that from here on within the thread you
can't access variables from outside the thread scope. What you can do
is either hardcode the file name in the #load or pass an argument to
the thread:
Thread.start(File.expand_path(fn)) { |fn|
$SAFE = 4
load fn, true
}.join
The expand_path is because you cannot load a relative path when in
$SAFE >= 2.
Notice that your 'dummy.rb' file contains a call to Kernel#puts, which
is also not allowed. Try it with:
File.open fn, 'w' do |f|
f.puts 'raise "hello"'
end
HTH,
Assaph
Hi Assaph,
> the Chapter "Locking Ruby in the Safe" says this should
> work:This is the expected behaviour: inside the thread you create you set
the $SAFE level to 4, meaning that from here on within the thread you
can't access variables from outside the thread scope. What you can do
is either hardcode the file name in the #load or pass an argument to
the thread:> Thread.start(File.expand_path(fn)) { |fn|
> $SAFE = 4
> load fn, true
> }.joinThe expand_path is because you cannot load a relative path when in
$SAFE >= 2.
Thank you very much for your detailed answer. I'm afraid to
say the program still doesn't work:
$ cat safe.rb
fn = 'dummy.rb'
File.open fn, 'w' do |f|
f.puts 'raise "hello"'
end
Thread.start( File.expand_path( fn)) do |fn|
$SAFE = 4
load fn, true
end.join
$ ruby safe.rb
safe.rb:7:in `load': Insecure operation - load
(SecurityError)
from safe.rb:5:in `join'
from safe.rb:5
$
All I wanted to do is run the thread in its own environment.
I will use fork.
Bertram
Am Dienstag, 01. Feb 2005, 06:50:45 +0900 schrieb Assaph Mehr:
--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-scharpf.de
Thank you very much for your detailed answer. I'm afraid to
say the program still doesn't work:$ cat safe.rb
fn = 'dummy.rb'
File.open fn, 'w' do |f|
f.puts 'raise "hello"'
end
Thread.start( File.expand_path( fn)) do |fn|
$SAFE = 4
load fn, true
end.join$ ruby safe.rb
safe.rb:7:in `load': Insecure operation - load
(SecurityError)
from safe.rb:5:in `join'
from safe.rb:5
$
Works fine for me: ruby 1.8.2 (2004-11-06) [i386-mswin32]
All I wanted to do is run the thread in its own environment.
I will use fork.
.... from which I understand you're on *nix, right? I think 'load' will
not access files from globally writable locations on unix. This is done
interntionally to prevent loading of non-secure files. Since you write
the file locally, it might be considered unsafe.
HTH,
Assaph
> $SAFE = 4
> load fn, trueWorks fine for me: ruby 1.8.2 (2004-11-06) [i386-mswin32]
> All I wanted to do is run the thread in its own environment.
> I will use fork..... from which I understand you're on *nix, right?
Yes, Linux.
I think 'load' will
not access files from globally writable locations on unix. This is done
interntionally to prevent loading of non-secure files. Since you write
the file locally, it might be considered unsafe.
I switched off every writeable flag I could find. The error
stays the same.
Thank you very much, anyway.
Bertram
Am Mittwoch, 02. Feb 2005, 06:35:44 +0900 schrieb Assaph Mehr:
--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-scharpf.de