dia 1.0 → 1.1.pre
Sign up to get free protection for your applications and to get access to all the features.
- data/NEWS.md +12 -0
- data/README.md +16 -6
- data/lib/dia/sandbox.rb +30 -1
- data/lib/dia.rb +1 -0
- metadata +21 -9
data/NEWS.md
ADDED
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
## NEWS
|
|
2
|
+
|
|
3
|
+
### 1.1.pre
|
|
4
|
+
|
|
5
|
+
* A person reported that ffi 0.6.0 does not work with dia ..
|
|
6
|
+
Supplied an explicit dependency on ffi 0.5.4 until I figure it out.
|
|
7
|
+
|
|
8
|
+
* You can run a block of ruby under a sandbox now but I had to change the order of arguments in the constructer ..
|
|
9
|
+
First argument is the profile, and (optionally) the second is the application path.
|
|
10
|
+
If you're running a block of ruby, you can forget about the second.
|
|
11
|
+
|
|
12
|
+
* I documented my methods!
|
data/README.md
CHANGED
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
## How?
|
|
14
14
|
FFI, and the C header "sandbox.h" (found on OSX).
|
|
15
15
|
|
|
16
|
-
## Example
|
|
16
|
+
## Example 1 (Running an application under a sandbox)
|
|
17
17
|
|
|
18
18
|
require 'rubygems'
|
|
19
19
|
require 'dia'
|
|
@@ -22,13 +22,23 @@ FFI, and the C header "sandbox.h" (found on OSX).
|
|
|
22
22
|
sandbox.run
|
|
23
23
|
puts "Launched #{sandbox.app_path} with a pid of #{sandbox.pid} using the profile #{sandbox.profile}"
|
|
24
24
|
|
|
25
|
+
## Example 2 (Running ruby under a sandbox)
|
|
26
|
+
|
|
27
|
+
require 'rubygems'
|
|
28
|
+
require 'dia'
|
|
29
|
+
require 'open-uri'
|
|
30
|
+
|
|
31
|
+
sandbox = Dia::SandBox.new(Dia::Profiles::NO_OS_SERVICES)
|
|
32
|
+
sandbox.run_with_block do
|
|
33
|
+
open(URI.parse('http://www.google.com')).read
|
|
34
|
+
exit!
|
|
35
|
+
end
|
|
36
|
+
|
|
25
37
|
## Install?
|
|
26
38
|
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
gem
|
|
30
|
-
gem install *.gem
|
|
31
|
-
... after cloning the repository.
|
|
39
|
+
It's on gemcutter.
|
|
40
|
+
|
|
41
|
+
gem install dia
|
|
32
42
|
|
|
33
43
|
## License(MIT)
|
|
34
44
|
|
data/lib/dia/sandbox.rb
CHANGED
|
@@ -8,12 +8,23 @@ module Dia
|
|
|
8
8
|
attr_accessor :profile
|
|
9
9
|
attr_accessor :pid
|
|
10
10
|
|
|
11
|
-
|
|
11
|
+
# @param [Constant] Profile The profile to be used when creating a sandbox.
|
|
12
|
+
# @param [String] Application The path to an application you want to sandbox. Optional.
|
|
13
|
+
# @return [Dia::SandBox] Returns an instance of Dia::SandBox
|
|
14
|
+
def initialize(profile = Dia::Profiles::NO_OS_SERVICES, app_path=nil)
|
|
12
15
|
@app_path = app_path
|
|
13
16
|
@profile = profile
|
|
14
17
|
end
|
|
15
18
|
|
|
19
|
+
# The run method will spawn a child process and run the supplied application in a sandbox.
|
|
20
|
+
#
|
|
21
|
+
# @raise [ArgumentError] Will raise an ArgumentError if an application has not been supplied to
|
|
22
|
+
# the constructer.
|
|
23
|
+
# @raise [Dia::SandBoxException] Will raise Dia::SandBoxException if the sandbox could not be initiated.
|
|
24
|
+
# @return [Fixnum] The Process ID(PID) that the sandboxed application is being run under.
|
|
16
25
|
def run
|
|
26
|
+
raise ArgumentError, "No application path supplied" if @app_path.nil?
|
|
27
|
+
|
|
17
28
|
@pid = fork do
|
|
18
29
|
unless ( ret = sandbox_init(@profile, 0x0001, error = FFI::MemoryPointer.new(:pointer)) ) == 0
|
|
19
30
|
raise Dia::SandBoxException, "Couldn't sandbox #{@app_path}, sandbox_init returned #{ret} with error message: '#{error.get_pointer(0).read_string}'"
|
|
@@ -22,6 +33,24 @@ module Dia
|
|
|
22
33
|
end
|
|
23
34
|
end
|
|
24
35
|
|
|
36
|
+
# The run\_with\_block method will spawn a child process and run a supplied block of ruby code in a sandbox.
|
|
37
|
+
#
|
|
38
|
+
# It may raise any number of exceptions if the sandbox could be initiated ..
|
|
39
|
+
# It depends on the restrictions of the sandbox and if the block actually violates a restriction imposed by
|
|
40
|
+
# the sandbox .. In any case, the parent process will not be affected and if you want to catch an exception you
|
|
41
|
+
# should do so in your block.
|
|
42
|
+
#
|
|
43
|
+
# @raise [Dia::SandBoxException] Will raise Dia::SandBoxException if the sandbox could not be initiated.
|
|
44
|
+
# @return [Fixnum] The Process ID(PID) that the sandboxed block of code is being run under.
|
|
45
|
+
def run_with_block &blk
|
|
46
|
+
@pid = fork do
|
|
47
|
+
unless ( ret = sandbox_init(@profile, 0x0001, error = FFI::MemoryPointer.new(:pointer)) ) == 0
|
|
48
|
+
raise Dia::SandBoxException, "Couldn't sandbox #{@app_path}, sandbox_init returned #{ret} with error message: '#{error.get_pointer(0).read_string}'"
|
|
49
|
+
end
|
|
50
|
+
yield
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
25
54
|
end
|
|
26
55
|
|
|
27
56
|
end
|
data/lib/dia.rb
CHANGED
metadata
CHANGED
|
@@ -1,16 +1,15 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dia
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 1.1.pre
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
|
-
- Robert
|
|
8
|
-
- Gleeson
|
|
7
|
+
- Robert Gleeson
|
|
9
8
|
autorequire:
|
|
10
9
|
bindir: bin
|
|
11
10
|
cert_chain: []
|
|
12
11
|
|
|
13
|
-
date: 2010-
|
|
12
|
+
date: 2010-02-12 00:00:00 +00:00
|
|
14
13
|
default_executable:
|
|
15
14
|
dependencies:
|
|
16
15
|
- !ruby/object:Gem::Dependency
|
|
@@ -19,9 +18,9 @@ dependencies:
|
|
|
19
18
|
version_requirement:
|
|
20
19
|
version_requirements: !ruby/object:Gem::Requirement
|
|
21
20
|
requirements:
|
|
22
|
-
- - "
|
|
21
|
+
- - "="
|
|
23
22
|
- !ruby/object:Gem::Version
|
|
24
|
-
version:
|
|
23
|
+
version: 0.5.4
|
|
25
24
|
version:
|
|
26
25
|
description: Dia allows you to sandbox applications on the OSX platform
|
|
27
26
|
email: rob@flowof.info
|
|
@@ -32,6 +31,7 @@ extensions: []
|
|
|
32
31
|
extra_rdoc_files: []
|
|
33
32
|
|
|
34
33
|
files:
|
|
34
|
+
- NEWS.md
|
|
35
35
|
- README.md
|
|
36
36
|
- lib/dia/commonapi.rb
|
|
37
37
|
- lib/dia/profiles.rb
|
|
@@ -41,7 +41,19 @@ has_rdoc: true
|
|
|
41
41
|
homepage:
|
|
42
42
|
licenses: []
|
|
43
43
|
|
|
44
|
-
post_install_message:
|
|
44
|
+
post_install_message: " Dia\n\
|
|
45
|
+
-----\n\
|
|
46
|
+
Thanks for taking the time to try out the prereleae of Dia 1.1\n\n\
|
|
47
|
+
For people who had problems with Dia and FFI 0.6.0, I have added an explicit \n\
|
|
48
|
+
dependency on 0.5.4 ..\n\n\
|
|
49
|
+
Slight API changes alter the way Dia behaves .. \n\
|
|
50
|
+
The change is minor, but worth noting because it breaks code written for 1.0\n\n\
|
|
51
|
+
For more information: \n\
|
|
52
|
+
http://github.com/robgleeson/Dia/blob/experimental/NEWS.md\n\
|
|
53
|
+
http://github.com/robgleeson/Dia/blob/experimental/README.md\n\n\
|
|
54
|
+
Please report bugs if you find any! \n\
|
|
55
|
+
http://github.com/robgleeson/dia/issues\n\n\
|
|
56
|
+
Rob\n"
|
|
45
57
|
rdoc_options: []
|
|
46
58
|
|
|
47
59
|
require_paths:
|
|
@@ -54,9 +66,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
54
66
|
version:
|
|
55
67
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
56
68
|
requirements:
|
|
57
|
-
- - "
|
|
69
|
+
- - ">"
|
|
58
70
|
- !ruby/object:Gem::Version
|
|
59
|
-
version:
|
|
71
|
+
version: 1.3.1
|
|
60
72
|
version:
|
|
61
73
|
requirements: []
|
|
62
74
|
|