console1984 0.1.7 → 0.1.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 498f37bd3803f7f76e073d91f51e2dc69fc8a00fc575392c3869b2ae4d65d9bf
-  data.tar.gz: 1675df589a603042a54e6de8b835e4434f5a112158521379553e9875b25c9eeb
+  metadata.gz: 472b88a03c5befd81877d190baa41cd0cd4d4a985fff797ddc447e729e6fa56a
+  data.tar.gz: 9c791955b0caf6d49fd655905a9d37a231bb7ee668f5b2a1dd85e4ebd14efdaa
 SHA512:
-  metadata.gz: aa0edb371ac31cd2b87e1b8ddb833482516bed91ff3a5c85c12c10c2206ce7dbe8aba514a6a3aecc2e5d594eee527db78b270cd0789484960c7c98e55ca504aa
-  data.tar.gz: bc595388d7ca433c22a1ccc17a5bb28759cc0b0dd8b5267a061456ad0e17de58be0f95a129689e7fbe88915c709af82d0efd70a3f410f4b40cb0f7e767fa7cb6
+  metadata.gz: 8300ef44660e9b9933ae68ebfc4b26f0e57849c716b1339817e00332407a0696df4e46599f056be186171cc884bf8c8fb4c1eba688aecf7702c04d1ad0ad69a9
+  data.tar.gz: b7a073d5bfc4f648fc10f5bb331320ae0b84a7afa3e1108df9005faedc2f51a338fd9b3d659ecf5fe0744bee6067e444e75dd67a12c53647d6c079fdb554e5fa

data/README.md

@@ -106,11 +106,7 @@ irb(main)> Topic.last.name
 => "{\"p\":\"iu6+LfnNlurC6sL++JyOIDvedjNSz/AvnZQ=\",\"h\":{\"iv\":\"BYa86+JNM/LdkC18\",\"at\":\"r4sQNoSyIlAjJdZEKHVMow==\",\"k\":{\"p\":\"7L1l/5UiYsFQqqo4jfMZtLwp90KqcrIgS7HqgteVjuM=\",\"h\":{\"iv\":\"ItwRYxZAerKIoSZ8\",\"at\":\"ZUSNVfvtm4wAYWLBKRAx/g==\",\"e\":\"QVNDSUktOEJJVA==\"}},\"i\":\"OTdiOQ==\"}}"
 ```
 
-While in protected mode, you can't modify encrypted data, but can save unencrypted attributes normally. If you try to modify an encrypted column it will raise an error:
-
-```ruby
-irb(main)> Rails.cache.read("some key") # raises Console1984::Errors::ProtectedConnection
-```
+While in protected mode, you can't modify encrypted data, but can save unencrypted attributes normally. If you try to modify an encrypted column it will raise an error.
 
 ### Access to external systems
 
@@ -122,7 +118,13 @@ To protect the access to such systems, you can add their URLs to `config.console
 config.console1984.protected_urls = [ "https://my-app-us-east-1-whatever.us-east-1.es.amazonaws.com", "redis://my-app-cache-1.whatever.cache.amazonaws.com:6379" ]
 ```
 
-As with encryption data, running `decrypt!` will let you access these systems normally. The system will ask for a justfication and will flag those accesses as sensitive.
+In the default protected mode, trying to read data from a protected system will be aborted with an error:
+
+```ruby
+irb(main)> Rails.cache.read("some key") # raises Console1984::Errors::ProtectedConnection
+```
+
+Running `decrypt!` will switch you to unprotected mode and let you access these systems normally. The system will ask for a justfication and will flag those accesses as sensitive.
 
 This will work for systems that use Ruby sockets as the underlying communication mechanism.
 

data/config/protections.yml

@@ -0,0 +1,31 @@
+validations:
+  forbidden_reopening:
+    - ActiveRecord
+    - Console1984
+    - PG
+    - Mysql2
+    - IRB
+  forbidden_constant_reference:
+    always:
+      - Console1984
+      - IRB
+    protected:
+      - PG
+      - Mysql2
+      - ActiveRecord::ActiveRecordEncryption
+  suspicious_terms:
+    - console_1984
+    - Console1984
+    - secret
+    - credentials
+    - irb
+forbidden_methods:
+  Kernel:
+    - eval
+  Object:
+    - eval
+  BasicObject:
+    - eval
+    - instance_eval
+  Module:
+    - class_eval

data/lib/console1984/command_executor.rb

@@ -19,13 +19,15 @@ class Console1984::CommandExecutor
     run_as_system { session_logger.before_executing commands }
     validate_command commands
     execute_in_protected_mode(&block)
-  rescue Console1984::Errors::ForbiddenCommand, FrozenError
+  rescue Console1984::Errors::ForbiddenCommandAttempted, FrozenError
     flag_suspicious(commands)
-  rescue Console1984::Errors::SuspiciousCommand
+  rescue Console1984::Errors::SuspiciousCommandAttempted
     flag_suspicious(commands)
     execute_in_protected_mode(&block)
-  rescue FrozenError
+  rescue Console1984::Errors::ForbiddenCommandExecuted
+    # We detected that a forbidden command was executed. We exit IRB right away.
     flag_suspicious(commands)
+    Console1984.supervisor.exit_irb
   ensure
     run_as_system { session_logger.after_executing commands }
   end
@@ -67,15 +69,21 @@ class Console1984::CommandExecutor
     command_validator.validate(command)
   end
 
-  private
-    COMMAND_VALIDATOR_CONFIG_FILE_PATH = Console1984::Engine.root.join("config/command_protections.yml")
+  def from_irb?(backtrace)
+    executing_user_command? && backtrace.find do |line|
+      line_from_irb = line =~ /^[^\/]/
+      break if !(line =~ /console1984\/lib/ || line_from_irb)
+      line_from_irb
+    end
+  end
 
+  private
     def command_validator
       @command_validator ||= build_command_validator
     end
 
     def build_command_validator
-      Console1984::CommandValidator.from_config(YAML.safe_load(File.read(COMMAND_VALIDATOR_CONFIG_FILE_PATH)).symbolize_keys)
+      Console1984::CommandValidator.from_config(Console1984.protections_config.validations)
     end
 
     def flag_suspicious(commands)

data/lib/console1984/command_validator/forbidden_constant_reference_validation.rb

@@ -14,17 +14,17 @@ class Console1984::CommandValidator::ForbiddenConstantReferenceValidation
     @constant_names_forbidden_in_protected_mode = config[:protected] || []
   end
 
-  # Raises a Console1984::Errors::ForbiddenCommand if a banned constant is referenced.
+  # Raises a Console1984::Errors::ForbiddenCommandAttempted if a banned constant is referenced.
   def validate(parsed_command)
     if contains_invalid_const_reference?(parsed_command, @forbidden_constants_names) ||
       (@shield.protected_mode? && contains_invalid_const_reference?(parsed_command, @constant_names_forbidden_in_protected_mode))
-      raise Console1984::Errors::ForbiddenCommand
+      raise Console1984::Errors::ForbiddenCommandAttempted
     end
   end
 
   private
     def contains_invalid_const_reference?(parsed_command, banned_constants)
-      parsed_command.constants.find do |constant_name|
+      (parsed_command.constants + parsed_command.constant_assignments).find do |constant_name|
         banned_constants.find { |banned_constant| "#{constant_name}::".start_with?("#{banned_constant}::") }
       end
     end

data/lib/console1984/command_validator/forbidden_reopening_validation.rb

@@ -8,17 +8,17 @@ class Console1984::CommandValidator::ForbiddenReopeningValidation
     @banned_class_or_module_names = banned_classes_or_modules.collect(&:to_s)
   end
 
-  # Raises a Console1984::Errors::ForbiddenCommand if an banned class or module reopening
+  # Raises a Console1984::Errors::ForbiddenCommandAttempted if an banned class or module reopening
   # is detected.
   def validate(parsed_command)
     if contains_invalid_class_or_module_declaration?(parsed_command)
-      raise Console1984::Errors::ForbiddenCommand
+      raise Console1984::Errors::ForbiddenCommandAttempted
     end
   end
 
   private
     def contains_invalid_class_or_module_declaration?(parsed_command)
-      parsed_command.declared_classes_or_modules.find { |class_or_module_name| banned?(class_or_module_name) }
+      (parsed_command.declared_classes_or_modules + parsed_command.constant_assignments).find { |class_or_module_name| banned?(class_or_module_name) }
     end
 
     def banned?(class_or_module_name)

data/lib/console1984/command_validator/parsed_command.rb

@@ -6,59 +6,19 @@ class Console1984::CommandValidator::ParsedCommand
 
   attr_reader :raw_command
 
-  delegate :declared_classes_or_modules, :constants, to: :processed_ast
+  delegate :declared_classes_or_modules, :constants, :constant_assignments, to: :command_parser
 
   def initialize(raw_command)
     @raw_command = Array(raw_command).join("\n")
   end
 
   private
-    def processed_ast
-      @processed_ast ||= CommandProcessor.new.tap do |processor|
+    def command_parser
+      @command_parser ||= Console1984::CommandValidator::CommandParser.new.tap do |processor|
         ast = Parser::CurrentRuby.parse(raw_command)
         processor.process(ast)
       rescue Parser::SyntaxError
         # Fail open with syntax errors
       end
     end
-
-    class CommandProcessor < ::Parser::AST::Processor
-      include AST::Processor::Mixin
-      include Console1984::Freezeable
-
-      attr_reader :constants, :declared_classes_or_modules
-
-      def initialize
-        @constants = []
-        @declared_classes_or_modules = []
-      end
-
-      def on_class(node)
-        super
-        const_declaration, _, _ = *node
-
-        processor = self.class.new
-        processor.process(const_declaration)
-        @declared_classes_or_modules << processor.constants.first if processor.constants.present?
-      end
-
-      alias_method :on_module, :on_class
-
-      def on_const(node)
-        super
-        name, const_name = *node
-        const_name = const_name.to_s
-        last_constant = @constants.last
-
-        if name.nil? || (name && name.type == :cbase) # cbase = leading ::
-          if last_constant&.end_with?("::")
-            last_constant << const_name
-          else
-            @constants << const_name
-          end
-        elsif last_constant
-          last_constant << "::#{const_name}"
-        end
-      end
-    end
 end

data/lib/console1984/command_validator/suspicious_terms_validation.rb

@@ -9,7 +9,7 @@ class Console1984::CommandValidator::SuspiciousTermsValidation
   # Raises a Console1984::Errors::SuspiciousCommand if the term is referenced.
   def validate(parsed_command)
     if contains_suspicious_term?(parsed_command)
-      raise Console1984::Errors::SuspiciousCommand
+      raise Console1984::Errors::SuspiciousCommandAttempted
     end
   end
 

data/lib/console1984/command_validator.rb

@@ -5,7 +5,7 @@
 #
 # The validation itself happens as a chain of validation objects. The system will invoke
 # each validation in order. Validations will raise an error if the validation fails (typically
-# a Console1984::Errors::ForbiddenCommand or Console1984::Errors::SuspiciousCommands).
+# a Console1984::Errors::ForbiddenCommandAttempted or Console1984::Errors::SuspiciousCommands).
 #
 # Internally, validations will receive a Console1984::CommandValidator::ParsedCommand object. This
 # exposes parsed constructs in addition to the raw strings so that validations can use those.

data/lib/console1984/config.rb

@@ -4,11 +4,14 @@
 class Console1984::Config
   include Console1984::Freezeable, Console1984::Messages
 
+  PROTECTIONS_CONFIG_FILE_PATH = Console1984::Engine.root.join("config/protections.yml")
+
   PROPERTIES = %i[
     session_logger username_resolver shield command_executor
     protected_environments protected_urls
     production_data_warning enter_unprotected_encryption_mode_warning enter_protected_mode_warning
     incinerate incinerate_after incineration_queue
+    protections_config
     debug test_mode
   ]
 
@@ -24,9 +27,14 @@ class Console1984::Config
     end
   end
 
+  # Initialize lazily so that it only gets instantiated during console sessions
+  def protections_config
+    @protections_config ||= Console1984::ProtectionsConfig.new(YAML.safe_load(File.read(PROTECTIONS_CONFIG_FILE_PATH)).symbolize_keys)
+  end
+
   def freeze
     super
-    [ protected_urls ].each(&:freeze)
+    [ protected_urls, protections_config ].each(&:freeze)
   end
 
   private

data/lib/console1984/engine.rb

@@ -10,7 +10,7 @@ module Console1984
 
     initializer "console1984.config" do
       config.console1984.each do |key, value|
-        Console1984.config.send("#{key}=", value) unless %i[ protected_urls protected_environments ].include?(key.to_sym)
+        Console1984.config.send("#{key}=", value)
       end
     end
 

data/lib/console1984/errors.rb

@@ -10,11 +10,15 @@ module Console1984
 
     # Attempt to execute a command that is not allowed. The system won't
     # execute such commands and will flag them as sensitive.
-    class ForbiddenCommand < StandardError; end
+    class ForbiddenCommandAttempted < StandardError; end
 
     # A suspicious command was executed. The command will be flagged but the system
     # will let it run.
-    class SuspiciousCommand < StandardError; end
+    class SuspiciousCommandAttempted < StandardError; end
+
+    # A forbidden command was executed. The system will flag the command
+    # and exit.
+    class ForbiddenCommandExecuted < StandardError; end
 
     # Attempt to incinerate a session ahead of time as determined by
     # +config.console1984.incinerate_after+.

data/lib/console1984/ext/active_record/protected_auditable_tables.rb

@@ -6,7 +6,7 @@ module Console1984::Ext::ActiveRecord::ProtectedAuditableTables
     define_method method do |*args, **kwargs|
       sql = args.first
       if Console1984.command_executor.executing_user_command? && sql =~ auditable_tables_regexp
-        raise Console1984::Errors::ForbiddenCommand, "#{sql}"
+        raise Console1984::Errors::ForbiddenCommandAttempted, "#{sql}"
       else
         super(*args, **kwargs)
       end
@@ -19,7 +19,7 @@ module Console1984::Ext::ActiveRecord::ProtectedAuditableTables
     end
 
     def auditable_tables
-      @auditable_tables ||= auditable_models.collect(&:table_name)
+      @auditable_tables ||= Console1984.command_executor.run_as_system { auditable_models.collect(&:table_name) }
     end
 
     def auditable_models

data/lib/console1984/ext/core/module.rb

@@ -0,0 +1,32 @@
+# Extends +Module+ to prevent invoking class_eval in user commands.
+#
+# We don't use the built-in configurable system from protections.yml because we use
+# class_eval ourselves to implement it!
+module Console1984::Ext::Core::Module
+  extend ActiveSupport::Concern
+
+  def instance_eval(*)
+    if Console1984.command_executor.executing_user_command?
+      raise Console1984::Errors::ForbiddenCommandAttempted
+    else
+      super
+    end
+  end
+
+  def method_added(method)
+    if Console1984.command_executor.from_irb?(caller) && banned_for_reopening?
+      raise Console1984::Errors::ForbiddenCommandExecuted, "Trying to add method `#{method}` to #{self.name}"
+    end
+  end
+
+  private
+    def banned_for_reopening?
+      classes_and_modules_banned_for_reopening.find do |banned_class_or_module_name|
+        "#{self.name}::".start_with?("#{banned_class_or_module_name}::")
+      end
+    end
+
+    def classes_and_modules_banned_for_reopening
+      @classes_and_modules_banned_for_reopening ||= Console1984.protections_config.validations[:forbidden_reopening]
+    end
+end

data/lib/console1984/ext/core/object.rb

@@ -12,6 +12,7 @@ module Console1984::Ext::Core::Object
   extend ActiveSupport::Concern
 
   include Console1984::Freezeable
+  self.prevent_instance_data_manipulation_after_freezing = false
 
   class_methods do
     def const_get(*arguments)
@@ -24,7 +25,7 @@ module Console1984::Ext::Core::Object
           # See the list +forbidden_reopening+ in +config/command_protections.yml+.
           Console1984.command_executor.validate_command("class #{arguments.first}; end")
           super
-        rescue Console1984::Errors::ForbiddenCommand
+        rescue Console1984::Errors::ForbiddenCommandAttempted
           raise
         rescue StandardError
           super

data/lib/console1984/ext/socket/tcp_socket.rb

@@ -28,12 +28,16 @@ module Console1984::Ext::Socket::TcpSocket
     end
 
     def protected_addresses
-      @protected_addresses ||= Console1984::Shield::Modes::PROTECTED_MODE.currently_protected_urls.collect do |url|
+      @protected_addresses ||= protected_urls.collect do |url|
         host, port = host_and_port_from(url)
         Array(Addrinfo.getaddrinfo(host, port)).collect { |addrinfo| ComparableAddress.new(addrinfo) if addrinfo.ip_address }
       end.flatten.compact.uniq
     end
 
+    def protected_urls
+      Console1984::Shield::Modes::PROTECTED_MODE.currently_protected_urls || []
+    end
+
     def host_and_port_from(url)
       URI(url).then do |parsed_uri|
         if parsed_uri.host

data/lib/console1984/freezeable.rb

@@ -13,18 +13,24 @@
 # will look through all the modules/classes freezing them. This way, we can control
 # the moment where we stop classes from being modifiable at setup time.
 module Console1984::Freezeable
-  extend ActiveSupport::Concern
-
   mattr_reader :to_freeze, default: Set.new
 
-  included do
-    Console1984::Freezeable.to_freeze << self
+  # Not using ActiveSupport::Concern because a bunch of classes skip its +.invoked+ hook which
+  # is terrible for our purposes. This happened because it was being included in parent classes
+  # (such as Object), so it was skipping the include block.
+  def self.included(base)
+    Console1984::Freezeable.to_freeze << base
+    base.extend ClassMethods
+
+    # Flag to control manipulating instance data via instance_variable_get and instance_variable_set.
+    # true by default.
+    base.thread_mattr_accessor :prevent_instance_data_manipulation_after_freezing, default: true
   end
 
-  class_methods do
+  module ClassMethods
     SENSITIVE_INSTANCE_METHODS = %i[ instance_variable_get instance_variable_set ]
 
-    def prevent_sensitive_overrides
+    def prevent_instance_data_manipulation
       SENSITIVE_INSTANCE_METHODS.each do |method|
         prevent_sensitive_method method
       end
@@ -33,7 +39,7 @@ module Console1984::Freezeable
     private
       def prevent_sensitive_method(method_name)
         define_method method_name do |*arguments|
-          raise Console1984::Errors::ForbiddenCommand, "You can't invoke #{method_name} on #{self}"
+          raise Console1984::Errors::ForbiddenCommandAttempted, "You can't invoke #{method_name} on #{self}"
         end
       end
   end
@@ -51,7 +57,7 @@ module Console1984::Freezeable
       end
 
       def freeze_class_or_module(class_or_module)
-        class_or_module.prevent_sensitive_overrides
+        class_or_module.prevent_instance_data_manipulation if class_or_module.prevent_instance_data_manipulation_after_freezing
         class_or_module.freeze
       end
 

data/lib/console1984/protections_config.rb

@@ -0,0 +1,17 @@
+class Console1984::ProtectionsConfig
+  include Console1984::Freezeable
+
+  delegate :validations, to: :instance
+
+  attr_reader :config
+
+  def initialize(config)
+    @config = config
+  end
+
+  %i[ validations forbidden_methods ].each do |method_name|
+    define_method method_name do
+      config[method_name].symbolize_keys
+    end
+  end
+end

data/lib/console1984/refrigerator.rb

@@ -0,0 +1,31 @@
+# Freezes classes to prevent tampering them
+class Console1984::Refrigerator
+  include Console1984::Freezeable
+
+  def freeze_all
+    eager_load_all_classes
+    freeze_internal_instances # internal modules and classes are frozen by including Console1984::Freezable
+    freeze_external_modules_and_classes
+
+    Console1984::Freezeable.freeze_all
+  end
+
+  private
+    def freeze_internal_instances
+      Console1984.config.freeze unless Console1984.config.test_mode
+    end
+
+    def freeze_external_modules_and_classes
+      external_modules_and_classes_to_freeze.each { |klass| klass.include(Console1984::Freezeable) }
+    end
+
+    def external_modules_and_classes_to_freeze
+      # Not using a constant because we want this to run lazily (console-dependant dependencies might not be loaded).
+      [Parser::CurrentRuby]
+    end
+
+    def eager_load_all_classes
+      Rails.application.eager_load! unless Rails.application.config.eager_load
+      Console1984.class_loader.eager_load
+    end
+end

data/lib/console1984/shield/method_invocation_shell.rb

@@ -0,0 +1,46 @@
+# Prevents invoking a configurable set of methods
+class Console1984::Shield::MethodInvocationShell
+  include Console1984::Freezeable
+
+  class << self
+    def install_for(invocations)
+      Array(invocations).each { |invocation| self.new(invocation).prevent_methods_invocation }
+    end
+  end
+
+  attr_reader :class_name, :methods, :only_for_user_commands
+
+  def initialize(invocation)
+    @class_name, methods = invocation.to_a
+    @methods = Array(methods)
+  end
+
+  def prevent_methods_invocation
+    class_name.to_s.constantize.prepend build_protection_module
+  end
+
+  def build_protection_module
+    source = protected_method_invocations_source
+    Module.new do
+      class_eval <<~RUBY, __FILE__, __LINE__ + 1
+        #{source}
+      RUBY
+    end
+  end
+
+  def protected_method_invocations_source
+    methods.collect { |method| protected_method_invocation_source_for(method) }.join("\n")
+  end
+
+  def protected_method_invocation_source_for(method)
+    <<~RUBY
+      def #{method}(*args)
+        if Console1984.command_executor.from_irb?(caller)
+          raise Console1984::Errors::ForbiddenCommandAttempted
+        else
+          super
+        end
+      end
+    RUBY
+  end
+end

data/lib/console1984/shield.rb

@@ -19,7 +19,9 @@ class Console1984::Shield
   # that aren't mean to be modified once the console is running.
   def install
     extend_protected_systems
-    freeze_all
+    prevent_invoking_protected_methods
+
+    refrigerator.freeze_all
   end
 
   private
@@ -37,6 +39,7 @@ class Console1984::Shield
 
     def extend_core_ruby
       Object.prepend Console1984::Ext::Core::Object
+      Module.prepend Console1984::Ext::Core::Module
     end
 
     def extend_sockets
@@ -65,16 +68,12 @@ class Console1984::Shield
       end
     end
 
-    def freeze_all
-      eager_load_all_classes
-      Console1984.config.freeze unless Console1984.config.test_mode
-      Console1984::Freezeable.freeze_all
-      Parser::CurrentRuby.freeze
+    def prevent_invoking_protected_methods
+      MethodInvocationShell.install_for(Console1984.protections_config.forbidden_methods)
     end
 
-    def eager_load_all_classes
-      Rails.application.eager_load! unless Rails.application.config.eager_load
-      Console1984.class_loader.eager_load
+    def refrigerator
+      @refrigerator ||= Console1984::Refrigerator.new
     end
 
     module SSLSocketRemoteAddress

data/lib/console1984/supervisor.rb

@@ -30,12 +30,21 @@ class Console1984::Supervisor
     stop_session
   end
 
+  def exit_irb
+    stop
+    IRB.CurrentContext.exit
+  end
+
   private
     def require_dependencies
       Kernel.silence_warnings do
         require 'parser/current'
       end
       require 'colorized_string'
+
+      # Explicit lazy loading because it depends on +parser+, which we want to only load
+      # in console sessions.
+      require_relative "./command_validator/.command_parser"
     end
 
     def start_session

data/lib/console1984/version.rb

@@ -1,3 +1,3 @@
 module Console1984
-  VERSION = '0.1.7'
+  VERSION = '0.1.11'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: console1984
 version: !ruby/object:Gem::Version
-  version: 0.1.7
+  version: 0.1.11
 platform: ruby
 authors:
 - Jorge Manrubia
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-04 00:00:00.000000000 Z
+date: 2021-09-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -195,7 +195,7 @@ files:
 - app/models/console1984/session.rb
 - app/models/console1984/session/incineratable.rb
 - app/models/console1984/user.rb
-- config/command_protections.yml
+- config/protections.yml
 - db/migrate/20210517203931_create_console1984_tables.rb
 - lib/console1984.rb
 - lib/console1984/command_executor.rb
@@ -208,6 +208,7 @@ files:
 - lib/console1984/engine.rb
 - lib/console1984/errors.rb
 - lib/console1984/ext/active_record/protected_auditable_tables.rb
+- lib/console1984/ext/core/module.rb
 - lib/console1984/ext/core/object.rb
 - lib/console1984/ext/irb/commands.rb
 - lib/console1984/ext/irb/context.rb
@@ -215,8 +216,11 @@ files:
 - lib/console1984/freezeable.rb
 - lib/console1984/input_output.rb
 - lib/console1984/messages.rb
+- lib/console1984/protections_config.rb
+- lib/console1984/refrigerator.rb
 - lib/console1984/sessions_logger/database.rb
 - lib/console1984/shield.rb
+- lib/console1984/shield/method_invocation_shell.rb
 - lib/console1984/shield/modes.rb
 - lib/console1984/shield/modes/protected.rb
 - lib/console1984/shield/modes/unprotected.rb

data/config/command_protections.yml

@@ -1,17 +0,0 @@
-forbidden_reopening:
-  - ActiveRecord
-  - Console1984
-  - PG
-  - Mysql2
-forbidden_constant_reference:
-  always:
-    - Console1984
-  protected:
-    - PG
-    - Mysql2
-    - ActiveRecord::ActiveRecordEncryption
-suspicious_terms:
-  - console_1984
-  - Console1984
-  - secret
-  - credentials