sandboxed 0.0.1 → 0.0.2

data/lib/sandboxed.rb

@@ -1,8 +1,87 @@
+if RUBY_PLATFORM == 'jruby'
+  warn "Sandboxed is not supported on JRuby"
+end
+
 require 'sandboxed/compat'
 require 'sandboxed/proc'
 require 'sandboxed/fiber'
 
-module Kernel
+module Sandboxed
+  module Modes
+    class << self
+      def ctx_only(level, ctx, args, &block)
+        proc {
+          $SAFE=level
+          (ctx || eval("self", block.binding)).instance_exec(*args, &block)
+        }.call
+      end
+
+      def overlay(level, ctx, args, &block)
+        class << eval("self", block.binding)
+          include ContextHolder
+        end if ctx
+
+        proc {
+          $SAFE = level
+          yield *args
+        }.call
+      end
+    end
+  end
+  MODES = {:overlay => '1.8.6', :ctx_only => '1.8.7'}.reject{|m, v| v > RUBY_VERSION}
+  MODE_PREFERENCE = [:overlay, :ctx_only] & MODES.keys
+
+  class << self
+
+    def default_mode
+      @default_mode ||= MODE_PREFERENCE.first
+    end
+    def default_mode=(mode)
+      @default_mode = check_mode(mode)
+    end
+
+    def safe(*args, &block)
+      contexts = Thread.current[:__contexts_] ||= []
+      opts = args.last.is_a?(Hash) ? args.pop : {}
+      
+      mode = opts.delete(:mode) || default_mode
+      check_mode(mode)
+
+      level = opts.delete(:level) || 4
+      ctx = opts.delete(:context)
+      args << opts unless opts.empty? # be nicer about passed in hashes
+
+      contexts << ctx
+      result = Modes.send(mode, level, ctx, args, &block)
+      contexts.pop if ctx
+
+      result
+    end
+
+    def safe_method(mdl, *ms)
+      code = ms.map do |m|
+        safe_m = "#{m}__safe_"
+        <<-RUBY
+          alias #{safe_m} #{m}
+          def #{m}(*args, &block)
+            result = SAFE_FIBER.resume([self, :#{safe_m}, args, block])
+            result.is_a?(Exception) ? throw(result) : result  # TODO find a better way
+          end
+        RUBY
+      end.join("\n")
+      mdl.class_eval code
+    end
+
+  private
+    def check_mode(m)
+      mode = m.to_sym
+      return mode if MODES.member?(mode)
+      raise ArgumentError, "Sandbox mode '#{mode}' is not defined; must be one of #{MODES.keys.map.join(', ')}"
+    end
+
+  end
+
+  private
 
   # initialize worker fiber for sandboxed execution
   SAFE_FIBER = Fiber.new do |msg|
@@ -16,30 +95,28 @@ module Kernel
     end
   end.freeze
 
-  def safe(*args, &block)
-    opts = args.last.is_a?(Hash) ? args.pop : {}
-    level = opts.delete(:level) || 4
-    ctx = opts.delete(:context) || eval('self', block.binding) # rebind to actual declaring object
-    args << opts unless opts.empty? # be nicer about passed in hashes
-
-    bound = block.bind(ctx) # TODO 1.8 compat is missing out here. How to?
-    Fiber.new do |l, c, b, a|
-      $SAFE = l
-      b.call *a
-    end.resume(level, ctx, bound, args)
-  end
-
-  def safe_method(*ms)
-    ms.each do |m|
-      safe_m = :"#{m}__safe_"
-      alias_method safe_m, m
-      define_method m do |*args, &block|
-        result = SAFE_FIBER.resume([self, safe_m, args, block])
-        result.is_a?(Exception) ? throw(result) : result  # TODO find a better way
+  module ContextHolder
+    def method_missing(name, *args, &block)
+      if ctx = Thread.current[:__contexts_].last
+        if ctx.respond_to?(name)
+          return block ? ctx.send(name, *args, &block) : ctx.send(name, *args)
+        end
       end
+      super
     end
   end
+end
 
+if mode = ENV['SANDBOX']
+  Sandboxed.default_mode = mode
 end
 
+module Kernel
+  def safe(*args, &block)
+    Sandboxed.safe *args, &block
+  end
+  def safe_method(*names)
+    Sandboxed.safe_method self, *names
+  end
+end
 

data/lib/sandboxed/fiber.rb

@@ -1,26 +1,23 @@
 # Poor Man's Fiber (API compatible Thread based Fiber implementation for Ruby 1.8)
-# (c) 2008 Aman Gupta (tmm1)
+# Based on https://gist.github.com/4631 (c) 2008 Aman Gupta (tmm1)
 
 unless defined? Fiber
-  require 'thread'
+require 'thread'
 
   class FiberError < StandardError; end
 
-  class Fiber
+  class Fiber < Thread
     def initialize
       raise ArgumentError, 'new Fiber requires a block' unless block_given?
-
       @yield = Queue.new
       @resume = Queue.new
 
-      @thread = Thread.new{ @yield.push [yield(*@resume.pop)] }
-      @thread.abort_on_exception = true
-      @thread[:fiber] = self
+      super{ @yield.push [yield(*@resume.pop)] }
+      abort_on_exception = true
     end
-    attr_reader :thread
 
     def resume *args
-      raise FiberError, 'dead fiber called' unless @thread.alive?
+      raise FiberError, 'dead fiber called' unless alive?
       @resume.push(args)
       result = @yield.pop
       result.size > 1 ? result : result.first
@@ -33,41 +30,13 @@ unless defined? Fiber
     end
     
     def self.yield *args
-      raise FiberError, "can't yield from root fiber" unless fiber = Thread.current[:fiber]
+      raise FiberError, "can't yield from root fiber" unless fiber = Thread.current
       fiber.yield(*args)
     end
 
-    def self.current
-      Thread.current[:fiber] or raise FiberError, 'not inside a fiber'
-    end
-
     def inspect
       "#<#{self.class}:0x#{self.object_id.to_s(16)}>"
     end
   end
 end
 
-if __FILE__ == $0
-  f = Fiber.new{ puts 'hi'; p Fiber.yield(1); puts 'bye'; :done }
-  p f.resume
-  p f.resume(2)
-end
-
-__END__
-
-$ ruby fbr.rb
-hi
-1
-2
-bye
-:done
-
-$ ruby1.9 fbr.rb
-hi
-1
-2
-bye
-:done
-
-
-

data/lib/sandboxed/proc.rb

@@ -1,6 +1,6 @@
 unless Proc.method_defined?(:bind)
 
-  # copied from active_support proc.h to reduce dependencies
+  # copied from active_support proc.rb to reduce dependencies
   class Proc
     def bind(object)
       block, time = self, Time.now

data/lib/sandboxed/version.rb

@@ -1,3 +1,3 @@
 module Sandboxed
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

data/spec/sandboxed_spec.rb

@@ -25,10 +25,10 @@ describe Kernel do
       safe { 2 + 2 }.should == 4
     end
     it "should not execute unsafe operations" do
-      lambda{ safe{puts 'foo'} }.should raise_error SecurityError
+      lambda{ safe{puts 'foo'} }.should raise_error(SecurityError)
     end
     it "should allow access depending on the :level" do
-      lambda{ safe(:level => 0){'foo'.taint} }.should_not raise_error SecurityError
+      lambda{ safe(:level => 0){'foo'.taint} }.should_not raise_error(SecurityError)
     end
     it "should execute on the context object" do
       safe(:context => 'foo'){ reverse }.should == 'oof'
@@ -40,7 +40,7 @@ describe Kernel do
     end
     it "should pass in unsafe local variables" do
       arr = []
-      lambda{ safe(arr){|a| a << 'foo'} }.should raise_error SecurityError
+      lambda{ safe(arr){|a| a << 'foo'} }.should raise_error(SecurityError)
       arr.should == []
     end
     it "should pass in hash local variables and options" do
@@ -54,7 +54,7 @@ describe Kernel do
     end
 
     it "should not execute unsafe methods" do
-      lambda{ safe(:context => @ctx){internal_log 'foo'} }.should raise_error SecurityError
+      lambda{ safe(:context => @ctx){internal_log 'foo'} }.should raise_error(SecurityError)
     end
     it "should execute safe methods" do
       safe(:context => @ctx){sandbox_log 'foo'}.should == ['foo']

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 0
-  - 1
-  version: 0.0.1
+  - 2
+  version: 0.0.2
 platform: ruby
 authors: 
 - Michael Klaus
@@ -14,14 +14,13 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-11 00:00:00 +02:00
+date: 2011-04-13 00:00:00 +02:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rspec
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
-    none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
@@ -58,7 +57,6 @@ rdoc_options: []
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
-  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
@@ -66,7 +64,6 @@ required_ruby_version: !ruby/object:Gem::Requirement
       - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
-  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
@@ -78,7 +75,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: sandboxed
-rubygems_version: 1.3.7
+rubygems_version: 1.3.6
 signing_key: 
 specification_version: 3
 summary: A ruby execution sandbox