
RedHanded

Handing Out IRB Like It's Sardines

by why in inspect

I’m sort of obsessed with getting people into a Ruby prompt without any installation. The new sandbox_server kicks huge in that direction.

sandbox_server, a balloon:

Serve Ruby sessions over a socket.

This won’t work so well with 1.8.4, so you’ll probably want the latest ruby_1_8 from CVS. It sorta works under 1.8.4 until you have multiple connections and the threads kick in.

Anyway, run the balloon. Then, in another window, you’ll telnet to localhost:5000. Each socket is given its own session. Just hit ENTER and you’ll be given a session id and your IRB session will start.

 Connected to localhost.
 Escape character is '^]'.
 (Enter)
 BwDG7bniEo5l44UumTig
 >> ticket = [12, 47, 35]
 => [12, 47, 35]
 >> ticket.object_id
 => 71618820
 >> ^]

So, the session id is that 20-character string that gets spewed. Let’s open another session and be sure the ticket variable isn’t showing up in the other session.

 Connected to localhost.
 Escape character is '^]'.
 (Enter)
 1rf1EED07tJXi9kkmj80
 >> ticket
 => nil
 >> ticket.object_id
 => nil

The nil means an exception was thrown. I’m still trying to figure out how to actually catch exceptions which get thrown from the sandbox. You see, rescue won’t catch sandboxed exceptions because they don’t actually descend from Ruby’s normal classes. (However, the stack frames are intact.)

So, to log back into your session, use LOGIN [SESSID] instead of just hitting ENTER.

 Connected to localhost.
 Escape character is '^]'.
 LOGIN BwDG7bniEo5l44UumTig
 BwDG7bniEo5l44UumTig
 >> ticket
 => [12, 47, 35]

The best part is: since this is just a plain socket connection with a very braindead protocol, you can easily write scripts for the shell or wrap it in SSH or put up CGIs which interface with this.

Oh, cool: and you can have multiple peoples logged into the same session at once. Pass the dutchie.
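
The handshake described above (a blank line opens a session, LOGIN [SESSID] reattaches to one), as an added Ruby example that is not sandbox_server's code and not part of the original post. SessionTable, its status symbols, the Hash standing in for a sandbox, and the refusal of unknown ids are assumptions made for illustration.

```ruby
require 'securerandom'

# Added illustration, not sandbox_server's code. Models only the handshake the
# post describes: a blank line opens a new session, "LOGIN <id>" reattaches.
class SessionTable
  ID_FORMAT = /\A[A-Za-z0-9]{20}\z/ # 20 characters, as in the transcripts

  def initialize
    @sessions = {}     # id => per-session state (stand-in for a sandbox)
    @lock = Mutex.new  # each socket is served from its own thread
  end

  # Returns [status, id, state]; status is :new, :resumed or :rejected.
  def handshake(line)
    line = line.to_s.chomp
    return open_session if line.empty?

    verb, id, extra = line.split(' ', 3)
    return [:rejected, nil, nil] unless verb == 'LOGIN' && extra.nil?
    return [:rejected, nil, nil] unless id.to_s.match?(ID_FORMAT)

    state = @lock.synchronize { @sessions[id] }
    # Assumption: an unknown id is refused instead of silently creating a
    # session under a name the client picked.
    state ? [:resumed, id, state] : [:rejected, nil, nil]
  end

  private

  def open_session
    # The id is the only credential on the wire, so draw it from the CSPRNG.
    id = SecureRandom.alphanumeric(20)
    state = {}
    @lock.synchronize { @sessions[id] = state }
    [:new, id, state]
  end
end

if __FILE__ == $PROGRAM_NAME
  table = SessionTable.new
  _, id, vars = table.handshake("\r\n")   # telnet sends CRLF on ENTER
  vars[:ticket] = [12, 47, 35]
  p table.handshake("LOGIN #{id}\r\n")    # same state comes back
  p table.handshake("\n")[2][:ticket]     # a fresh session does not see it
end
```

Anyone who learns the 20-character id gets the whole session, which is why wrapping the plain socket in SSH, as the post suggests, matters once this leaves localhost.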

said on 26 Jul 2006 at 15:06

Seems like the only way to catch a snadbox’d exception is to stick out a C-shot foot as it goes past: namely rb_rescue. At that point you can wrap it up in a SandboxError or something for interception by the regular authorities.

said on 26 Jul 2006 at 15:08

Oh, wait. rb_rescue only catches felons descended from Ma StandardError, doesn’t it? Man, that’s a bind.

said on 26 Jul 2006 at 15:36

Ok, since all this standard class stuff isn’t sacred anyway, could you temporarily have an rb_cObject->super just for the duration of your rb_rescue2?

Of course that still hasn’t solved the potential problem of non-Object-derived classes, if you let someone use a C extension permitting that from within a sandbox.

said on 26 Jul 2006 at 15:40

Anyway, definitely do wrap escaping exceptions in a SandboxError or something. That’s how you make that stuff livable.

said on 26 Jul 2006 at 15:47

Don’t worry, I’ll be able to catch it. Then I’ll reassign the parentage of the exception and re-raise. Because rb_cModule is set okay when rb_rescue gets called inside the freaky snadbox.

C extensions should be fine unless they’re holding onto an rb_cObject reference from before the sandbox started. I don’t know why anyone would do that, but I’m sure there are cases. I don’t care much about those cases, though. If the symbol tables start to mix, at least the namespaces are clean.

said on 26 Jul 2006 at 17:38

This is why I love having why’s SVN repo RSS on my google homepage, I can kinda guess what’s going to happen. It’s like a spider-sense.

said on 26 Jul 2006 at 22:07

WHAAAAAAAAAA !!!!!

Where’s the Why I know and love? Where’s the cool meta programming guru emanations that give new meaning to the rest of us with our sorry and meaningless lives!

Rat-holing on sandboxes and IRB prompts from the cloud? AHHHHHHHHHHHHHHHHHHHHHHHH !

Please Why, please, come back to us!!!!!!

said on 26 Jul 2006 at 22:15

Please forgive me oh metafoo mushroom master. I have blasphemed!

Your infinite wisdom will soon surely enlighten us to the path of sandbox nirvana.

(self flagellates with a barbed whip)

said on 26 Jul 2006 at 22:23

In other words, dance monkey, dance.

It’s not a sandbox, but a secluded beach. Like a nudist beach, where only the people on the beach can see the tawdry code.

And just you wait. After further inspection (and introspection) it will be found that every grain of sand is in fact its own beach.

said on 27 Jul 2006 at 12:45

FlashHater, url to svn rss goodness?? :)

said on 29 Jul 2006 at 23:58

Monkey

said on 01 Aug 2006 at 05:10

nil: Here it is.

enjoy
