
RedHanded

The Standard (Freaky, But Not FreakyFreaky) Sandbox

by why in inspect

Before I get into how to lock down the sandbox, let’s talk about what kinds of nifty things you can do with it when you’re just running your own code.

 dir_proc = proc { Dir['/*'] }

 require 'sandbox'
 sbox = Sandbox.new
 sbox.eval("Kernel").module_eval do
   define_method(:root_directory) do
     dir_proc.call
   end
 end

This is the “plain” Sandbox mode. Sandbox.new. It’s not as focused on security. You can pass objects in and out. So eval("Kernel") gives us the Kernel in the sandbox. Here’s proof:

 >> Kernel.method(:p)
 => #<Method: Kernel.p>
 >> sbox.eval("Kernel").method(:p)
 undefined method `method' for Kernel:Module (NoMethodError)

So “plain” mode lets us add directly to the objects. In the first example, a method gets added to the sandbox Kernel. A proc is used to get a scope that’s outside the Sandbox. (Sandboxes clear out Ruby’s scope list.)

 >> sbox.eval("root_directory")
 => ["/usr", "/var", ...]

And, check it out, no method on the real Kernel. But you can copy it back if you like.

 >> Kernel.respond_to? :root_directory
 => false
 >> Kernel.send :define_method, :root_directory,
 ..   &sbox.eval("Kernel.method(:root_directory)")
 >> Kernel.send :root_directory
 => ["/usr", "/var", ...]

I envision Railsers will use this to keep the web server in contact with apps mounted in different sandboxes. Unless this rains havoc on Mongrel’s threads. I guess we’ll see!
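The bridging pattern above, as an added example that is not part of the original post and does not use the Sandbox library. A BasicObject clean room stands in for the sandbox (it is not a security boundary, since `::Dir` would still resolve inside it), and `CleanRoom`, `expose`, `build_room` and `demo` are hypothetical names. It shows that whatever a bridged proc closes over is exactly what the evaluated code gains, so a host-fixed listing is a much smaller grant than a pass-through glob.

```ruby
require 'tmpdir'

# Stand-in for an isolated evaluation context. NOT the Sandbox library and not
# a security boundary: it only hides Object's constants and Kernel's methods
# so the effect of a bridged proc is visible.
class CleanRoom < BasicObject
  # Bridge a host callable in as a method that exists only on this room,
  # mirroring define_method(:root_directory) { dir_proc.call } in the post.
  def expose(name, callable)
    singleton = (class << self; self; end)
    singleton.send(:define_method, name) { |*args| callable.call(*args) }
    self
  end

  def run(code)
    instance_eval(code)
  end
end

# Builds a room with two bridges over a host directory chosen by the caller.
def build_room(root)
  # Broad bridge: any pattern the evaluated code supplies runs with host access.
  any_glob = proc { |pattern| Dir[pattern] }
  # Narrow bridge: the host fixes the pattern; evaluated code gets names only.
  list_root = proc { Dir[File.join(root, '*')].map { |p| File.basename(p) }.sort }
  CleanRoom.new.expose(:any_glob, any_glob).expose(:root_directory, list_root)
end

def demo
  Dir.mktmpdir do |root|                      # constructed sample tree
    %w[usr var].each { |d| Dir.mkdir(File.join(root, d)) }
    room = build_room(root)
    direct = begin
      room.run("Dir['/*']")                   # no Dir constant inside the room
    rescue NameError => e
      e.class.name
    end
    {
      direct: direct,
      bridged: room.run('root_directory'),    # works only through the proc
      broad: room.run("any_glob(#{File.join(root, '*').inspect})").length,
      on_host_kernel: Kernel.respond_to?(:root_directory)
    }
  end
end

p demo if __FILE__ == $0
```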

said on 21 Jul 2006 at 03:14

So… Are we going to see an example of the FreakyFreaky Sandbox really Freaking ruby?

said on 21 Jul 2006 at 21:10

I like it.

said on 23 Jul 2006 at 17:15

Cool stuff. This could be really useful for ruby-driven irc-bots, I’m thinking. I am writing an irc-library for ruby; would I need to do anything special to support your Sandbox well? Or could you simply load up my irclib in a sandbox object and be fine?
