exec_sandbox 0.1.0

data/spec/exec_sandbox/wait4_spec.rb

@@ -0,0 +1,24 @@
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
+
+describe ExecSandbox::Wait4 do
+  describe '#wait4' do
+    describe 'write_arg.rb' do
+      before do
+        pid = Kernel.fork { Process.exec bin_fixture(:exit_arg), '42' }
+        @status = ExecSandbox::Wait4.wait4 pid
+      end
+      
+      it 'should have the correct exit status' do
+        @status[:exit_code].should == 42
+      end
+      
+      it 'should not take more than 1s of user time' do
+        @status[:user_time].should < 1
+      end
+      
+      it 'should not take more than 1s of system time' do
+        @status[:system_time].should < 1
+      end
+    end
+  end
+end

data/spec/fixtures/buffer.rb

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+
+# Allocates a buffer sized according to the second argument and writes it to the
+# file indicated by the first argument.
+
+buffer = String.new "\xFE" * ARGV[1].to_i
+File.open(ARGV[0], 'wb') do |f|
+  f.write buffer
+  f.flush
+end

data/spec/fixtures/churn.rb

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+
+# Churns away at math for a number of seconds indicated by the second argument,
+# then outputs a '+' and exists.
+
+start = Time.now
+File.open(ARGV[0], 'wb') do |f|
+  f.sync = true
+  loop do
+    j = 0
+    1.upto(1_000_000) { |i| j = i * i + 100 }
+    break if Time.now - start >= ARGV[1].to_i
+  end
+  f.write '+'
+  f.flush
+end

data/spec/fixtures/duplicate.rb

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+# Writes STDIN to STDOUT twice.
+
+bits = STDIN.read
+2.times { STDOUT.write bits }
+STDOUT.flush

data/spec/fixtures/exit_arg.rb

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+# Exits with the code given in the first argument.
+
+Process.exit ARGV[0].to_i

data/spec/fixtures/fork.rb

@@ -0,0 +1,18 @@
+#!/usr/bin/env ruby
+
+# Forks a number of processes matching second argument, each process writes a
+# + to the file pointed by the first argument.
+
+proc_count = ARGV[1].to_i
+pids = Array.new proc_count
+
+File.open(ARGV[0], 'wb') do |f|
+  f.sync = true
+  0.upto(proc_count - 1) do |i|
+    pids[i] = fork do
+      f.write '+'
+      sleep 1
+    end
+  end
+  0.upto(proc_count - 1) { |i| Process.waitpid(pids[i]) }
+end

data/spec/fixtures/pwd.rb

@@ -0,0 +1,8 @@
+#!/usr/bin/env ruby
+
+# Writes the current directory to the file indicated by the first argument.
+
+File.open(ARGV[0], 'wb') do |f|
+  f.write Dir.pwd
+  f.flush
+end

data/spec/fixtures/write_arg.rb

@@ -0,0 +1,8 @@
+#!/usr/bin/env ruby
+
+# Writes its second argument to the file indicated by the first argument.
+
+File.open(ARGV[0], 'wb') do |f|
+  f.write ARGV[1]
+  f.flush
+end

data/spec/spec_helper.rb

@@ -0,0 +1,12 @@
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'rspec'
+require 'exec_sandbox'
+
+# Requires supporting files with custom matchers and macros, etc,
+# in ./support/ and its subdirectories.
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
+
+RSpec.configure do |config|
+  
+end

data/spec/support/code_fixture.rb

@@ -0,0 +1,7 @@
+# Path to one of the fixture code files.
+#
+# @param [Symbol] fixture_id the name of the code file
+# @return [String] fully-qualified path to the code file
+def bin_fixture(fixture_id)
+  File.expand_path "#{File.dirname(__FILE__)}/../fixtures/#{fixture_id.to_s}.rb"
+end

metadata

@@ -0,0 +1,165 @@
+--- !ruby/object:Gem::Specification
+name: exec_sandbox
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Victor Costan
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2011-10-13 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: ffi
+  requirement: &23606780 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.0.9
+  type: :runtime
+  prerelease: false
+  version_requirements: *23606780
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: &23606160 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '3.10'
+  type: :development
+  prerelease: false
+  version_requirements: *23606160
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &23605400 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.6.0
+  type: :development
+  prerelease: false
+  version_requirements: *23605400
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: &23604760 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.7.2
+  type: :development
+  prerelease: false
+  version_requirements: *23604760
+- !ruby/object:Gem::Dependency
+  name: yard-rspec
+  requirement: &23604040 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :development
+  prerelease: false
+  version_requirements: *23604040
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: &23603320 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.0.21
+  type: :development
+  prerelease: false
+  version_requirements: *23603320
+- !ruby/object:Gem::Dependency
+  name: jeweler
+  requirement: &23602620 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.6.4
+  type: :development
+  prerelease: false
+  version_requirements: *23602620
+- !ruby/object:Gem::Dependency
+  name: rcov
+  requirement: &23601780 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *23601780
+description: Temporary users and groups, rlimits
+email: costan@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE.txt
+- README.rdoc
+files:
+- .document
+- .project
+- .rspec
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.rdoc
+- Rakefile
+- VERSION
+- lib/exec_sandbox.rb
+- lib/exec_sandbox/sandbox.rb
+- lib/exec_sandbox/spawn.rb
+- lib/exec_sandbox/users.rb
+- lib/exec_sandbox/wait4.rb
+- spec/exec_sandbox/sandbox_spec.rb
+- spec/exec_sandbox/spawn_spec.rb
+- spec/exec_sandbox/users_spec.rb
+- spec/exec_sandbox/wait4_spec.rb
+- spec/fixtures/buffer.rb
+- spec/fixtures/churn.rb
+- spec/fixtures/duplicate.rb
+- spec/fixtures/exit_arg.rb
+- spec/fixtures/fork.rb
+- spec/fixtures/pwd.rb
+- spec/fixtures/write_arg.rb
+- spec/spec_helper.rb
+- spec/support/code_fixture.rb
+homepage: http://github.com/pwnall/exec_sandbox
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -3535790192517307381
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.11
+signing_key: 
+specification_version: 3
+summary: Run foreign binaries using POSIX sandboxing features
+test_files: []