dia 1.0 → 1.1.pre
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/NEWS.md +12 -0
- data/README.md +16 -6
- data/lib/dia/sandbox.rb +30 -1
- data/lib/dia.rb +1 -0
- metadata +21 -9
data/NEWS.md
ADDED
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
## NEWS
|
|
2
|
+
|
|
3
|
+
### 1.1.pre
|
|
4
|
+
|
|
5
|
+
* A person reported that ffi 0.6.0 does not work with dia ..
|
|
6
|
+
Supplied an explicit dependency on ffi 0.5.4 until I figure it out.
|
|
7
|
+
|
|
8
|
+
* You can run a block of ruby under a sandbox now but I had to change the order of arguments in the constructer ..
|
|
9
|
+
First argument is the profile, and (optionally) the second is the application path.
|
|
10
|
+
If you're running a block of ruby, you can forget about the second.
|
|
11
|
+
|
|
12
|
+
* I documented my methods!
|
data/README.md
CHANGED
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
## How?
|
|
14
14
|
FFI, and the C header "sandbox.h" (found on OSX).
|
|
15
15
|
|
|
16
|
-
## Example
|
|
16
|
+
## Example 1 (Running an application under a sandbox)
|
|
17
17
|
|
|
18
18
|
require 'rubygems'
|
|
19
19
|
require 'dia'
|
|
@@ -22,13 +22,23 @@ FFI, and the C header "sandbox.h" (found on OSX).
|
|
|
22
22
|
sandbox.run
|
|
23
23
|
puts "Launched #{sandbox.app_path} with a pid of #{sandbox.pid} using the profile #{sandbox.profile}"
|
|
24
24
|
|
|
25
|
+
## Example 2 (Running ruby under a sandbox)
|
|
26
|
+
|
|
27
|
+
require 'rubygems'
|
|
28
|
+
require 'dia'
|
|
29
|
+
require 'open-uri'
|
|
30
|
+
|
|
31
|
+
sandbox = Dia::SandBox.new(Dia::Profiles::NO_OS_SERVICES)
|
|
32
|
+
sandbox.run_with_block do
|
|
33
|
+
open(URI.parse('http://www.google.com')).read
|
|
34
|
+
exit!
|
|
35
|
+
end
|
|
36
|
+
|
|
25
37
|
## Install?
|
|
26
38
|
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
gem
|
|
30
|
-
gem install *.gem
|
|
31
|
-
... after cloning the repository.
|
|
39
|
+
It's on gemcutter.
|
|
40
|
+
|
|
41
|
+
gem install dia
|
|
32
42
|
|
|
33
43
|
## License(MIT)
|
|
34
44
|
|
data/lib/dia/sandbox.rb
CHANGED
|
@@ -8,12 +8,23 @@ module Dia
|
|
|
8
8
|
attr_accessor :profile
|
|
9
9
|
attr_accessor :pid
|
|
10
10
|
|
|
11
|
-
|
|
11
|
+
# @param [Constant] Profile The profile to be used when creating a sandbox.
|
|
12
|
+
# @param [String] Application The path to an application you want to sandbox. Optional.
|
|
13
|
+
# @return [Dia::SandBox] Returns an instance of Dia::SandBox
|
|
14
|
+
def initialize(profile = Dia::Profiles::NO_OS_SERVICES, app_path=nil)
|
|
12
15
|
@app_path = app_path
|
|
13
16
|
@profile = profile
|
|
14
17
|
end
|
|
15
18
|
|
|
19
|
+
# The run method will spawn a child process and run the supplied application in a sandbox.
|
|
20
|
+
#
|
|
21
|
+
# @raise [ArgumentError] Will raise an ArgumentError if an application has not been supplied to
|
|
22
|
+
# the constructer.
|
|
23
|
+
# @raise [Dia::SandBoxException] Will raise Dia::SandBoxException if the sandbox could not be initiated.
|
|
24
|
+
# @return [Fixnum] The Process ID(PID) that the sandboxed application is being run under.
|
|
16
25
|
def run
|
|
26
|
+
raise ArgumentError, "No application path supplied" if @app_path.nil?
|
|
27
|
+
|
|
17
28
|
@pid = fork do
|
|
18
29
|
unless ( ret = sandbox_init(@profile, 0x0001, error = FFI::MemoryPointer.new(:pointer)) ) == 0
|
|
19
30
|
raise Dia::SandBoxException, "Couldn't sandbox #{@app_path}, sandbox_init returned #{ret} with error message: '#{error.get_pointer(0).read_string}'"
|
|
@@ -22,6 +33,24 @@ module Dia
|
|
|
22
33
|
end
|
|
23
34
|
end
|
|
24
35
|
|
|
36
|
+
# The run\_with\_block method will spawn a child process and run a supplied block of ruby code in a sandbox.
|
|
37
|
+
#
|
|
38
|
+
# It may raise any number of exceptions if the sandbox could be initiated ..
|
|
39
|
+
# It depends on the restrictions of the sandbox and if the block actually violates a restriction imposed by
|
|
40
|
+
# the sandbox .. In any case, the parent process will not be affected and if you want to catch an exception you
|
|
41
|
+
# should do so in your block.
|
|
42
|
+
#
|
|
43
|
+
# @raise [Dia::SandBoxException] Will raise Dia::SandBoxException if the sandbox could not be initiated.
|
|
44
|
+
# @return [Fixnum] The Process ID(PID) that the sandboxed block of code is being run under.
|
|
45
|
+
def run_with_block &blk
|
|
46
|
+
@pid = fork do
|
|
47
|
+
unless ( ret = sandbox_init(@profile, 0x0001, error = FFI::MemoryPointer.new(:pointer)) ) == 0
|
|
48
|
+
raise Dia::SandBoxException, "Couldn't sandbox #{@app_path}, sandbox_init returned #{ret} with error message: '#{error.get_pointer(0).read_string}'"
|
|
49
|
+
end
|
|
50
|
+
yield
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
25
54
|
end
|
|
26
55
|
|
|
27
56
|
end
|
data/lib/dia.rb
CHANGED
metadata
CHANGED
|
@@ -1,16 +1,15 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dia
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 1.1.pre
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
|
-
- Robert
|
|
8
|
-
- Gleeson
|
|
7
|
+
- Robert Gleeson
|
|
9
8
|
autorequire:
|
|
10
9
|
bindir: bin
|
|
11
10
|
cert_chain: []
|
|
12
11
|
|
|
13
|
-
date: 2010-
|
|
12
|
+
date: 2010-02-12 00:00:00 +00:00
|
|
14
13
|
default_executable:
|
|
15
14
|
dependencies:
|
|
16
15
|
- !ruby/object:Gem::Dependency
|
|
@@ -19,9 +18,9 @@ dependencies:
|
|
|
19
18
|
version_requirement:
|
|
20
19
|
version_requirements: !ruby/object:Gem::Requirement
|
|
21
20
|
requirements:
|
|
22
|
-
- - "
|
|
21
|
+
- - "="
|
|
23
22
|
- !ruby/object:Gem::Version
|
|
24
|
-
version:
|
|
23
|
+
version: 0.5.4
|
|
25
24
|
version:
|
|
26
25
|
description: Dia allows you to sandbox applications on the OSX platform
|
|
27
26
|
email: rob@flowof.info
|
|
@@ -32,6 +31,7 @@ extensions: []
|
|
|
32
31
|
extra_rdoc_files: []
|
|
33
32
|
|
|
34
33
|
files:
|
|
34
|
+
- NEWS.md
|
|
35
35
|
- README.md
|
|
36
36
|
- lib/dia/commonapi.rb
|
|
37
37
|
- lib/dia/profiles.rb
|
|
@@ -41,7 +41,19 @@ has_rdoc: true
|
|
|
41
41
|
homepage:
|
|
42
42
|
licenses: []
|
|
43
43
|
|
|
44
|
-
post_install_message:
|
|
44
|
+
post_install_message: " Dia\n\
|
|
45
|
+
-----\n\
|
|
46
|
+
Thanks for taking the time to try out the prereleae of Dia 1.1\n\n\
|
|
47
|
+
For people who had problems with Dia and FFI 0.6.0, I have added an explicit \n\
|
|
48
|
+
dependency on 0.5.4 ..\n\n\
|
|
49
|
+
Slight API changes alter the way Dia behaves .. \n\
|
|
50
|
+
The change is minor, but worth noting because it breaks code written for 1.0\n\n\
|
|
51
|
+
For more information: \n\
|
|
52
|
+
http://github.com/robgleeson/Dia/blob/experimental/NEWS.md\n\
|
|
53
|
+
http://github.com/robgleeson/Dia/blob/experimental/README.md\n\n\
|
|
54
|
+
Please report bugs if you find any! \n\
|
|
55
|
+
http://github.com/robgleeson/dia/issues\n\n\
|
|
56
|
+
Rob\n"
|
|
45
57
|
rdoc_options: []
|
|
46
58
|
|
|
47
59
|
require_paths:
|
|
@@ -54,9 +66,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
54
66
|
version:
|
|
55
67
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
56
68
|
requirements:
|
|
57
|
-
- - "
|
|
69
|
+
- - ">"
|
|
58
70
|
- !ruby/object:Gem::Version
|
|
59
|
-
version:
|
|
71
|
+
version: 1.3.1
|
|
60
72
|
version:
|
|
61
73
|
requirements: []
|
|
62
74
|
|