Ruby sandbox secure enough for evaluating any code?


Ehsanul Hoque

I'd like a sandbox that simply disallows system calls, like creating files etc, so that anybody can supply some code that can be eval-ed within the sandbox, with no known potential for harm.
I know about safe levels, but I googled it and there was some discussion about how there were ways to thwart that. I also found this, which seems quite nice: http://github.com/tario/shikashi
But I have yet to get that working. Are there any other ways to go about this? Perhaps there are other ways in JRuby? I'd just like to allow the sort of operations you'd need for most algorithms, so all the usual methods of arrays, numbers, hashes and strings basically, and perhaps some selected custom classes. It would also probably be nice if you could somehow limit the memory/cpu taken up by the code in the sandbox, if that's at all possible.
 

Ehsanul Hoque

I'd like a sandbox that simply disallows system calls, like creating files etc, so that anybody can supply some code that can be eval-ed within the sandbox, with no known potential for harm.
I know about safe levels, but I googled it and there was some discussion about how there were ways to thwart that. I also found this, which seems quite nice: http://github.com/tario/shikashi
But I have yet to get that working. Are there any other ways to go about this? Perhaps there are other ways in JRuby? I'd just like to allow the sort of operations you'd need for most algorithms, so all the usual methods of arrays, numbers, hashes and strings basically, and perhaps some selected custom classes. It would also probably be nice if you could somehow limit the memory/cpu taken up by the code in the sandbox, if that's at all possible.
Update: I found a replacement for why's old freaky sandbox that works with jruby: http://flouri.sh/2009/4/4/how-to-set-up-the-jruby-sandbox Still not sure how to account for memory consumption/cpu, but I'm guessing there may be some JVM configuration setting that can do something about that. And a simple timeout for infinite or lengthy loops is good enough for my case.
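The memory/CPU limit and loop timeout asked about above, as an added example that is not part of the original posts: the evaluated code runs in a forked child with rlimits and a wall-clock deadline. It assumes MRI on Linux (`fork` is not available on JRuby), `run_limited` and `cap_rlimit` are names chosen here, and it bounds resources only; it does not restrict file or system access.

```ruby
require 'timeout'

# Lower a resource limit in this process, never above the existing hard limit.
def cap_rlimit(resource, limit)
  _soft, hard = Process.getrlimit(resource)
  Process.setrlimit(resource, [limit, hard].min)
end

# Evaluate +code+ in a forked child (hypothetical helper, MRI on Linux assumed).
# Returns [:ok, inspected_value], [:error, message], [:killed, signal_name]
# or [:timeout, nil].
def run_limited(code, cpu_seconds: 1, memory_bytes: 1 << 30, wall_seconds: 3)
  reader, writer = IO.pipe
  pid = fork do
    reader.close
    cap_rlimit(Process::RLIMIT_CPU, cpu_seconds)  # CPU time, not wall time
    cap_rlimit(Process::RLIMIT_AS, memory_bytes)  # total address space
    begin
      writer.write("ok\n#{Object.new.instance_eval(code).inspect}")
    rescue Exception => e                         # includes SyntaxError, NoMemoryError
      writer.write("error\n#{e.class}: #{e.message}")
    end
    writer.close
    exit!(0)                                      # skip the parent's at_exit hooks
  end
  writer.close
  output = begin
    Timeout.timeout(wall_seconds) { reader.read } # EOF when the child exits
  rescue Timeout::Error
    Process.kill('KILL', pid)                     # sleeping or blocked code
    nil
  end
  reader.close
  _pid, status = Process.wait2(pid)
  return [:timeout, nil] if output.nil?
  return [:killed, Signal.signame(status.termsig)] if status.signaled?
  return [:error, 'no result'] if output.empty?
  tag, body = output.split("\n", 2)
  [tag.to_sym, body]
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs.
  p run_limited('[3, 1, 2].sort')
  p run_limited('sleep 30', wall_seconds: 1)
end
```

The CPU limit stops busy loops, while the wall-clock deadline is what catches code that sleeps or blocks without using CPU.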
 

Charles Oliver Nutter

It would be pretty simple to assemble a JVM security policy file and
apply it to a JRuby run. You can disallow all filesystem access or
access to specific locations, and a lot more. I've thought about
trying to explicitly define some policies for the same things Ruby
safe levels give you, but in general it's not that hard to put
together a sandboxed JVM running JRuby.

 
