dia 1.3 → 1.4.pre

data/NEWS.md

@@ -1,5 +1,9 @@
 ## NEWS
 
+* Use ffi\_lib() to explicitly load the dynamic library "sandbox", or "System"
+* Depend explicitly on FFI v0.6.2
+* Dia::Sandbox#run accepts a variable amount of arguments that will be passed onto the block supplied to the constructer.
+
 ### 1.3
 * Added Dia::Sandbox#running? to check if a process running a sandbox is alive or not.
 * Dia::Sandbox only exposes its instance variables through getters now. No more setters.

data/README.md

@@ -1,6 +1,6 @@
 ## "Dia"
 
-"Dia" allows you to sandbox applications on the OSX platform by restricting what access to Operating System resources they can have.  
+"Dia" allows you to sandbox an application or block of ruby on the OSX platform by restricting what access to Operating System resources they can have.  
 
 ## What restrictions can you apply?  
 
@@ -28,6 +28,7 @@ It uses the FFI library, and the features exposed by the sandbox header on OSX.
 
     require 'rubygems'
     require 'dia'
+    require 'net/http'
     require 'open-uri'
     
     sandbox = Dia::Sandbox.new(Dia::Profiles::NO_OS_SERVICES) do

data/TODO.md

@@ -1,4 +1,7 @@
 ## TODO
 
+### 1.4
+* If you're going to run a block under a sandbox, make Dia::Sandbox#run accept *args so they may be passed onto the block.
+
 ### 1.3
 * Remove link to experimental branch in gemspec before release

data/lib/dia/commonapi.rb

@@ -4,6 +4,7 @@ require 'ffi'
 module Dia
   module CommonAPI
     extend FFI::Library
+    ffi_lib(%w(sandbox system libSystem.B.dylib))
     attach_function :sandbox_init, [ :string, :int, :pointer ], :int
   end
 end

data/lib/dia/profiles.rb

@@ -2,6 +2,7 @@ module Dia
   
   module Profiles
     extend FFI::Library
+    ffi_lib(%w(sandbox System libSystem.B.dylib))
     
     NO_INTERNET                    = attach_variable(:kSBXProfileNoInternet, :string).read_string
     NO_NETWORKING                  = attach_variable(:kSBXProfileNoNetwork, :string).read_string

data/lib/dia/sandbox.rb

@@ -46,22 +46,24 @@ module Dia
     # The run method will spawn a child process and run the application _or_ block supplied to the constructer under a sandbox.  
     # This method will not block.
     #
+    # @param  [Arguments]             A variable amount of arguments that will be passed onto the block supplied to the constructer. 
+    #
     # @raise  [SystemCallError]       In the case of running a block, a number of subclasses of SystemCallError may be raised if the block violates sandbox restrictions.
     #                                 The parent process will not be affected and if you wish to catch exceptions you should do so in your block.
     #
     # @raise  [Dia::SandboxException] Will raise Dia::SandboxException in a child process and exit if the sandbox could not be initiated.
     # @return [Fixnum]                The Process ID(PID) that the sandboxed application is being run under.
-    def run
+    def run(*args)
       
       @pid = fork do
-        if ( ret = sandbox_init(@profile, 0x0001, error = FFI::MemoryPointer.new(:pointer)) ) != 0
-          raise Dia::SandboxException, "Couldn't sandbox #{@app}, sandbox_init returned #{ret} with error message: '#{error.get_pointer(0).read_string}'"
+        if ( ret = sandbox_init(@profile, 0x0001, error = FFI::MemoryPointer.new(:pointer)) ) == -1
+          raise Dia::SandboxException, "Failed to initialize sandbox (#{error.read_pointer.read_string})"
         end
         
         if @app_path
           exec(@app_path)
         else
-          @blk.call
+          @blk.call(*args)
         end
       end
       

data/lib/dia.rb

@@ -1,11 +1,11 @@
-gem 'ffi', '=0.5.4'
+gem 'ffi', '= 0.6.2'
 require 'ffi'
 require File.join(File.dirname(__FILE__), 'dia/profiles.rb')
 require File.join(File.dirname(__FILE__), 'dia/commonapi.rb')
 require File.join(File.dirname(__FILE__), 'dia/sandbox.rb')
 
 module Dia
-  VERSION = '1.3'
+  VERSION = '1.4.pre'
   class SandboxException < StandardError; end
 end
 

metadata

@@ -1,11 +1,12 @@
 --- !ruby/object:Gem::Specification 
 name: dia
 version: !ruby/object:Gem::Version 
-  prerelease: false
+  prerelease: true
   segments: 
   - 1
-  - 3
-  version: "1.3"
+  - 4
+  - pre
+  version: 1.4.pre
 platform: ruby
 authors: 
 - Robert Gleeson
@@ -13,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-02-23 00:00:00 +00:00
+date: 2010-02-25 00:00:00 +00:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -25,9 +26,9 @@ dependencies:
       - !ruby/object:Gem::Version 
         segments: 
         - 0
-        - 5
-        - 4
-        version: 0.5.4
+        - 6
+        - 2
+        version: 0.6.2
   type: :runtime
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
@@ -66,7 +67,7 @@ has_rdoc: yard
 homepage: 
 licenses: []
 
-post_install_message: "  ********************************************************************\n  Thanks for installing Dia! (1.3)\n  \n  Don't forget to check NEWS.md for what has changed in this release:\n  http://www.flowof.info/dia/file.NEWS.html\n  \n  You can chat with us at irc.freenode.net / #flowof.info if you have\n  any problems. Feel free to join us!\n  ********************************************************************\n"
+post_install_message: "  ********************************************************************\n  Thanks for installing Dia! (1.4.pre)\n  \n  Don't forget to check NEWS.md for what has changed in this release:\n  http://www.flowof.info/dia/file.NEWS.html\n  \n  You can chat with us at irc.freenode.net / #flowof.info if you have\n  any problems. Feel free to join us!\n  ********************************************************************\n"
 rdoc_options: []
 
 require_paths: 
@@ -80,11 +81,13 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
   requirements: 
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version 
       segments: 
-      - 0
-      version: "0"
+      - 1
+      - 3
+      - 1
+      version: 1.3.1
 requirements: []
 
 rubyforge_project: