exec_sandbox 0.2.5 → 0.2.6
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/exec_sandbox.gemspec +3 -4
- data/lib/exec_sandbox/spawn.rb +3 -2
- data/spec/exec_sandbox/spawn_spec.rb +72 -51
- metadata +3 -3
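--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 09f406c9093bf2a8b3fb29e4eff7fb66440212e4
+data.tar.gz: d1843fe96b2b322628773e4c492aa30876939bb9
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 72dc4cb65baf9b34dd5329ed9d454e7d9ebc38926337122e5ecba16e851fad4100542130f8e91b032f2543278cd96b5247ca67775a1c551bfab63412eb047bed
+data.tar.gz: 75139dd187ab0dcb646d1257a4101806480ce6b26911beb1084758e89acebeaae505f8bc9723a7f7372fcf28d608f9764a8f36e8c4bce93021fbc6b5770b08d9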
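--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.2.
+0.2.6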
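--- a/data/exec_sandbox.gemspec
+++ b/data/exec_sandbox.gemspec
@@ -2,15 +2,14 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: exec_sandbox 0.2.5 ruby lib
 
 Gem::Specification.new do |s|
 s.name = "exec_sandbox"
-s.version = "0.2.
+s.version = "0.2.6"
 
 s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
 s.authors = ["Victor Costan"]
-s.date = "2014-02-
+s.date = "2014-02-06"
 s.description = "Temporary users and groups, rlimits"
 s.email = "costan@gmail.com"
 s.extra_rdoc_files = [
@@ -51,7 +50,7 @@ Gem::Specification.new do |s|
 s.homepage = "http://github.com/pwnall/exec_sandbox"
 s.licenses = ["MIT"]
 s.require_paths = ["lib"]
-s.rubygems_version = "2.
+s.rubygems_version = "2.0.14"
 s.summary = "Run foreign binaries using POSIX sandboxing features"
 
 if s.respond_to? :specification_version then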
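--- a/data/lib/exec_sandbox/spawn.rb
+++ b/data/lib/exec_sandbox/spawn.rb
@@ -64,7 +64,7 @@ module Spawn
 # Close all file descriptors not in the redirection table.
 redirected_fds = Set.new redirects.map(&:first)
 max_fd = LibC.getdtablesize
-
+max_fd.downto 0 do |fd|
 next if redirected_fds.include?(fd)
 
 next if RubyVM.rb_reserved_fd_p(fd) != 0
@@ -164,10 +164,11 @@ module Spawn
 # Maps an internal MRI function that we need.
 module RubyVM
 extend FFI::Library
-ffi_lib
+ffi_lib FFI::Library::CURRENT_PROCESS
 begin
 attach_function :rb_reserved_fd_p, [:int], :int
 rescue FFI::NotFoundError
+p 'Using fd_p emulation'
 # Emulation of internal MRI function.
 #
 # This is a fallback, used in case FFI can't find the MRI function.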
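Review bot: The added `p 'Using fd_p emulation'` in the `rescue FFI::NotFoundError` branch prints to standard output when the module is loaded, so any program that requires the gem gets an unexpected line on stdout whenever the MRI symbol cannot be attached. Because `rb_reserved_fd_p` decides which descriptors the close loop in the first hunk skips (presumably just before the foreign binary is executed), the fallback is worth reporting, but on stderr: `warn 'exec_sandbox: rb_reserved_fd_p not found, using emulation'`. A one-line comment above `ffi_lib FFI::Library::CURRENT_PROCESS` saying that the symbol is resolved from the running interpreter would also help the next reader. The rescue body continues outside the hunk, so the emulation itself is not covered by this note.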
@@ -1,11 +1,13 @@
|
|
1
1
|
require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
|
2
2
|
|
3
|
+
require 'thread'
|
4
|
+
|
3
5
|
describe ExecSandbox::Spawn do
|
4
6
|
let(:test_user) { Etc.getlogin }
|
5
7
|
let(:test_uid) { Etc.getpwnam(test_user).uid }
|
6
8
|
let(:test_gid) { Etc.getpwnam(test_user).gid }
|
7
9
|
let(:test_group) { Etc.getgrgid(test_gid).name }
|
8
|
-
|
10
|
+
|
9
11
|
describe '#spawn IO redirection' do
|
10
12
|
before do
|
11
13
|
@temp_in = Tempfile.new 'exec_sandbox_rspec'
|
@@ -13,7 +15,7 @@ describe ExecSandbox::Spawn do
|
|
13
15
|
@temp_in.close
|
14
16
|
@temp_out = Tempfile.new 'exec_sandbox_rspec'
|
15
17
|
@temp_out.close
|
16
|
-
|
18
|
+
|
17
19
|
# Force-creating a 2nd thread to make MRI 1.9.3 crash without our fix.
|
18
20
|
@lock = Mutex.new
|
19
21
|
@lock.lock
|
@@ -35,7 +37,7 @@ describe ExecSandbox::Spawn do
|
|
35
37
|
it 'should not crash' do
|
36
38
|
@status[:exit_code].should == 0
|
37
39
|
end
|
38
|
-
|
40
|
+
|
39
41
|
it 'should write successfully' do
|
40
42
|
@temp_out.open
|
41
43
|
begin
|
@@ -45,7 +47,7 @@ describe ExecSandbox::Spawn do
|
|
45
47
|
end
|
46
48
|
end
|
47
49
|
end
|
48
|
-
|
50
|
+
|
49
51
|
describe 'with paths' do
|
50
52
|
before do
|
51
53
|
pid = ExecSandbox::Spawn.spawn bin_fixture(:duplicate),
|
@@ -54,9 +56,28 @@ describe ExecSandbox::Spawn do
|
|
54
56
|
@status = ExecSandbox::Wait4.wait4 pid
|
55
57
|
end
|
56
58
|
|
57
|
-
it_behaves_like 'duplicate.rb'
|
59
|
+
it_behaves_like 'duplicate.rb'
|
58
60
|
end
|
59
|
-
|
61
|
+
|
62
|
+
describe 'with paths and a second thread' do
|
63
|
+
before do
|
64
|
+
@queue = Queue.new
|
65
|
+
@thread = Thread.new { @queue.pop }
|
66
|
+
|
67
|
+
pid = ExecSandbox::Spawn.spawn bin_fixture(:duplicate),
|
68
|
+
{in: @temp_in.path, out: @temp_out.path,
|
69
|
+
err: @temp_out.path}
|
70
|
+
@status = ExecSandbox::Wait4.wait4 pid
|
71
|
+
end
|
72
|
+
|
73
|
+
after do
|
74
|
+
@queue.push 'die'
|
75
|
+
@thread.join
|
76
|
+
end
|
77
|
+
|
78
|
+
it_behaves_like 'duplicate.rb'
|
79
|
+
end
|
80
|
+
|
60
81
|
describe 'with file descriptors' do
|
61
82
|
before do
|
62
83
|
File.open(@temp_in.path, 'r') do |in_io|
|
@@ -70,24 +91,24 @@ describe ExecSandbox::Spawn do
|
|
70
91
|
|
71
92
|
it_behaves_like 'duplicate.rb'
|
72
93
|
end
|
73
|
-
|
94
|
+
|
74
95
|
describe 'without stdout' do
|
75
96
|
before do
|
76
97
|
pid = ExecSandbox::Spawn.spawn bin_fixture(:duplicate),
|
77
98
|
{in: @temp_in.path}
|
78
99
|
@status = ExecSandbox::Wait4.wait4 pid
|
79
100
|
end
|
80
|
-
|
101
|
+
|
81
102
|
it 'should crash' do
|
82
103
|
@status[:exit_code].should_not == 0
|
83
104
|
end
|
84
105
|
end
|
85
|
-
|
106
|
+
|
86
107
|
shared_examples_for 'count.rb' do
|
87
108
|
it 'should not crash' do
|
88
109
|
@status[:exit_code].should == 0
|
89
110
|
end
|
90
|
-
|
111
|
+
|
91
112
|
it 'should write successfully' do
|
92
113
|
@temp_out.open
|
93
114
|
begin
|
@@ -122,7 +143,7 @@ describe ExecSandbox::Spawn do
|
|
122
143
|
after do
|
123
144
|
File.unlink(@temp_path) if File.exist?(@temp_path)
|
124
145
|
end
|
125
|
-
|
146
|
+
|
126
147
|
describe 'with root credentials' do
|
127
148
|
before do
|
128
149
|
pid = ExecSandbox::Spawn.spawn [bin_fixture(:write_arg),
|
@@ -131,11 +152,11 @@ describe ExecSandbox::Spawn do
|
|
131
152
|
@status = ExecSandbox::Wait4.wait4 pid
|
132
153
|
@fstat = File.stat(@temp_path)
|
133
154
|
end
|
134
|
-
|
155
|
+
|
135
156
|
it 'should not crash' do
|
136
157
|
@status[:exit_code].should == 0
|
137
158
|
end
|
138
|
-
|
159
|
+
|
139
160
|
it 'should have the UID set to root' do
|
140
161
|
@fstat.uid.should == 0
|
141
162
|
end
|
@@ -147,7 +168,7 @@ describe ExecSandbox::Spawn do
|
|
147
168
|
File.read(@temp_path).should == "Spawn uid test\n"
|
148
169
|
end
|
149
170
|
end
|
150
|
-
|
171
|
+
|
151
172
|
describe 'with non-root credentials' do
|
152
173
|
before do
|
153
174
|
@temp.unlink
|
@@ -156,18 +177,18 @@ describe ExecSandbox::Spawn do
|
|
156
177
|
{uid: test_uid, gid: test_gid}
|
157
178
|
@status = ExecSandbox::Wait4.wait4 pid
|
158
179
|
end
|
159
|
-
|
180
|
+
|
160
181
|
it 'should not crash' do
|
161
182
|
@status[:exit_code].should == 0
|
162
183
|
end
|
163
|
-
|
184
|
+
|
164
185
|
it 'should have the UID set to the test user' do
|
165
186
|
File.stat(@temp_path).uid.should == test_uid
|
166
187
|
end
|
167
188
|
it 'should have the GID set to the test group' do
|
168
189
|
File.stat(@temp_path).gid.should == test_gid
|
169
190
|
end
|
170
|
-
|
191
|
+
|
171
192
|
it 'should have the correct output' do
|
172
193
|
File.read(@temp_path).should == "Spawn uid test\n"
|
173
194
|
end
|
@@ -181,7 +202,7 @@ describe ExecSandbox::Spawn do
|
|
181
202
|
{uid: test_uid, gid: test_gid}
|
182
203
|
@status = ExecSandbox::Wait4.wait4 pid
|
183
204
|
end
|
184
|
-
|
205
|
+
|
185
206
|
it 'should crash (euid is set correctly)' do
|
186
207
|
@status[:exit_code].should_not == 0
|
187
208
|
end
|
@@ -190,7 +211,7 @@ describe ExecSandbox::Spawn do
|
|
190
211
|
File.read(@temp_path).should_not == "Spawn uid test\n"
|
191
212
|
end
|
192
213
|
end
|
193
|
-
|
214
|
+
|
194
215
|
describe 'with non-root credentials and a root-owned redirect file' do
|
195
216
|
before do
|
196
217
|
File.chmod 070, @temp_path
|
@@ -199,7 +220,7 @@ describe ExecSandbox::Spawn do
|
|
199
220
|
{uid: test_uid, gid: test_gid}
|
200
221
|
@status = ExecSandbox::Wait4.wait4 pid
|
201
222
|
end
|
202
|
-
|
223
|
+
|
203
224
|
it 'should crash (egid is set correctly)' do
|
204
225
|
@status[:exit_code].should_not == 0
|
205
226
|
end
|
@@ -208,28 +229,28 @@ describe ExecSandbox::Spawn do
|
|
208
229
|
File.read(@temp_path).should_not == "Spawn uid test\n"
|
209
230
|
end
|
210
231
|
end
|
211
|
-
|
232
|
+
|
212
233
|
describe 'with a working directory' do
|
213
234
|
before do
|
214
235
|
@temp_dir = Dir.mktmpdir 'exec_sandbox_rspec'
|
215
236
|
pid = ExecSandbox::Spawn.spawn [bin_fixture(:pwd), @temp_path],
|
216
|
-
{}, {dir: @temp_dir}
|
237
|
+
{}, {dir: @temp_dir}
|
217
238
|
@status = ExecSandbox::Wait4.wait4 pid
|
218
239
|
end
|
219
240
|
after do
|
220
241
|
Dir.rmdir @temp_dir
|
221
242
|
end
|
222
|
-
|
243
|
+
|
223
244
|
it 'should not crash' do
|
224
245
|
@status[:exit_code].should == 0
|
225
246
|
end
|
226
|
-
|
247
|
+
|
227
248
|
it 'should set the working directory' do
|
228
249
|
File.read(@temp_path).should == @temp_dir
|
229
250
|
end
|
230
251
|
end
|
231
252
|
end
|
232
|
-
|
253
|
+
|
233
254
|
describe '#spawn resource limits' do
|
234
255
|
before do
|
235
256
|
@temp = Tempfile.new 'exec_sandbox_rspec'
|
@@ -239,7 +260,7 @@ describe ExecSandbox::Spawn do
|
|
239
260
|
after do
|
240
261
|
File.unlink(@temp_path) if File.exist?(@temp_path)
|
241
262
|
end
|
242
|
-
|
263
|
+
|
243
264
|
describe 'buffer.rb with 512 megs' do
|
244
265
|
describe 'without limitations' do
|
245
266
|
before do
|
@@ -251,28 +272,28 @@ describe ExecSandbox::Spawn do
|
|
251
272
|
it 'should not crash' do
|
252
273
|
@status[:exit_code].should == 0
|
253
274
|
end
|
254
|
-
|
275
|
+
|
255
276
|
it 'should output 512 megs' do
|
256
277
|
File.stat(@temp_path).size.should == 512 * 1024 * 1024
|
257
278
|
end
|
258
279
|
end
|
259
|
-
|
280
|
+
|
260
281
|
describe 'with 256mb memory limitation' do
|
261
282
|
before do
|
262
283
|
pid = ExecSandbox::Spawn.spawn [bin_fixture(:buffer), @temp_path,
|
263
284
|
(512 * 1024 * 1024).to_s], {}, {}, {data: 256 * 1024 * 1024}
|
264
285
|
@status = ExecSandbox::Wait4.wait4 pid
|
265
286
|
end
|
266
|
-
|
287
|
+
|
267
288
|
it 'should crash' do
|
268
289
|
@status[:exit_code].should_not == 0
|
269
290
|
end
|
270
|
-
|
291
|
+
|
271
292
|
it 'should not have a chance to output data' do
|
272
293
|
File.stat(@temp_path).size.should == 0
|
273
294
|
end
|
274
295
|
end
|
275
|
-
|
296
|
+
|
276
297
|
describe 'with 256mb output limitation' do
|
277
298
|
before do
|
278
299
|
pid = ExecSandbox::Spawn.spawn [bin_fixture(:buffer), @temp_path,
|
@@ -280,28 +301,28 @@ describe ExecSandbox::Spawn do
|
|
280
301
|
{file_size: 64 * 1024 * 1024}
|
281
302
|
@status = ExecSandbox::Wait4.wait4 pid
|
282
303
|
end
|
283
|
-
|
304
|
+
|
284
305
|
it 'should crash' do
|
285
306
|
@status[:exit_code].should_not == 0
|
286
307
|
end
|
287
|
-
|
308
|
+
|
288
309
|
it 'should not output more than 256 megs' do
|
289
310
|
File.stat(@temp_path).size.should <= 256 * 1024 * 1024
|
290
311
|
end
|
291
312
|
end
|
292
313
|
end
|
293
|
-
|
314
|
+
|
294
315
|
describe 'buffer.rb with 128 megs' do
|
295
316
|
shared_examples_for 'working' do
|
296
317
|
it 'should not crash' do
|
297
318
|
@status[:exit_code].should == 0
|
298
319
|
end
|
299
|
-
|
320
|
+
|
300
321
|
it 'should output 128 megs' do
|
301
322
|
File.stat(@temp_path).size.should == 128 * 1024 * 1024
|
302
323
|
end
|
303
324
|
end
|
304
|
-
|
325
|
+
|
305
326
|
describe 'without limitations' do
|
306
327
|
before do
|
307
328
|
pid = ExecSandbox::Spawn.spawn [bin_fixture(:buffer), @temp_path,
|
@@ -311,17 +332,17 @@ describe ExecSandbox::Spawn do
|
|
311
332
|
|
312
333
|
it_behaves_like 'working'
|
313
334
|
end
|
314
|
-
|
335
|
+
|
315
336
|
describe 'with 256mb memory limitation' do
|
316
337
|
before do
|
317
338
|
pid = ExecSandbox::Spawn.spawn [bin_fixture(:buffer), @temp_path,
|
318
339
|
(128 * 1024 * 1024).to_s], {}, {}, {data: 256 * 1024 * 1024}
|
319
340
|
@status = ExecSandbox::Wait4.wait4 pid
|
320
341
|
end
|
321
|
-
|
342
|
+
|
322
343
|
it_behaves_like 'working'
|
323
344
|
end
|
324
|
-
|
345
|
+
|
325
346
|
describe 'with 256mb output limitation' do
|
326
347
|
before do
|
327
348
|
pid = ExecSandbox::Spawn.spawn [bin_fixture(:buffer), @temp_path,
|
@@ -329,12 +350,12 @@ describe ExecSandbox::Spawn do
|
|
329
350
|
{file_size: 256 * 1024 * 1024}
|
330
351
|
@status = ExecSandbox::Wait4.wait4 pid
|
331
352
|
end
|
332
|
-
|
353
|
+
|
333
354
|
it_behaves_like 'working'
|
334
355
|
end
|
335
356
|
end
|
336
|
-
|
337
|
-
|
357
|
+
|
358
|
+
|
338
359
|
describe 'fork.rb' do
|
339
360
|
describe 'without limitations' do
|
340
361
|
before do
|
@@ -346,29 +367,29 @@ describe ExecSandbox::Spawn do
|
|
346
367
|
it 'should not crash' do
|
347
368
|
@status[:exit_code].should == 0
|
348
369
|
end
|
349
|
-
|
370
|
+
|
350
371
|
it 'should output 10 +es' do
|
351
372
|
File.stat(@temp_path).size.should == 10
|
352
373
|
end
|
353
374
|
end
|
354
|
-
|
375
|
+
|
355
376
|
describe 'with sub-process limitation' do
|
356
377
|
before do
|
357
378
|
pid = ExecSandbox::Spawn.spawn [bin_fixture(:fork), @temp_path,
|
358
379
|
10.to_s], {}, {}, {processes: 4}
|
359
380
|
@status = ExecSandbox::Wait4.wait4 pid
|
360
381
|
end
|
361
|
-
|
382
|
+
|
362
383
|
it 'should crash' do
|
363
384
|
@status[:exit_code].should_not == 0
|
364
385
|
end
|
365
|
-
|
386
|
+
|
366
387
|
it 'should output less than 5 +es' do
|
367
388
|
File.stat(@temp_path).size.should < 5
|
368
389
|
end
|
369
390
|
end
|
370
391
|
end
|
371
|
-
|
392
|
+
|
372
393
|
describe 'churn.rb' do
|
373
394
|
describe 'without limitations' do
|
374
395
|
before do
|
@@ -380,16 +401,16 @@ describe ExecSandbox::Spawn do
|
|
380
401
|
it 'should not crash' do
|
381
402
|
@status[:exit_code].should == 0
|
382
403
|
end
|
383
|
-
|
404
|
+
|
384
405
|
it 'should run for at least 2 seconds' do
|
385
406
|
(@status[:user_time] + @status[:system_time]).should > 2
|
386
407
|
end
|
387
|
-
|
408
|
+
|
388
409
|
it 'should output something' do
|
389
410
|
File.stat(@temp_path).size.should > 0
|
390
411
|
end
|
391
412
|
end
|
392
|
-
|
413
|
+
|
393
414
|
describe 'with CPU time limitation' do
|
394
415
|
before do
|
395
416
|
pid = ExecSandbox::Spawn.spawn [bin_fixture(:churn), @temp_path,
|
@@ -404,7 +425,7 @@ describe ExecSandbox::Spawn do
|
|
404
425
|
it 'should run for less than 2 seconds' do
|
405
426
|
(@status[:user_time] + @status[:system_time]).should < 2
|
406
427
|
end
|
407
|
-
|
428
|
+
|
408
429
|
it 'should not have a chance to output' do
|
409
430
|
File.stat(@temp_path).size.should == 0
|
410
431
|
end
|
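Review bot: The new 'with paths and a second thread' context only reuses the 'duplicate.rb' shared examples, which, as far as is visible here, check the exit code and that the output was written, so it would still pass if the descriptor-closing loop left descriptors outside the redirect table open in the child. For a sandbox that is the property worth pinning; consider an extra example whose fixture reports which descriptors it inherited and asserts that nothing beyond the redirected ones is open. A comment on `@thread = Thread.new { @queue.pop }` such as `# keep a second Ruby thread alive across spawn; see the 1.9.3 crash note above` would record why the thread exists (the reason is inferred from the existing 'Force-creating a 2nd thread' comment).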
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: exec_sandbox
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Victor Costan
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-02-
|
11
|
+
date: 2014-02-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: ffi
|
@@ -179,7 +179,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
179
179
|
version: '0'
|
180
180
|
requirements: []
|
181
181
|
rubyforge_project:
|
182
|
-
rubygems_version: 2.
|
182
|
+
rubygems_version: 2.0.14
|
183
183
|
signing_key:
|
184
184
|
specification_version: 4
|
185
185
|
summary: Run foreign binaries using POSIX sandboxing features
|