secure 0.0.2 → 0.0.3

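--- a/data/lib/secure.rb
+++ b/data/lib/secure.rb
@@ -6,9 +6,9 @@ require "secure/runner"
 
  module Secure
  class << self
- def run(opts = {})
+ def run(opts = {}, *args)
  Runner.new(opts).run do
- yield
+ yield *args
  end
  end
 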
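Review bot: The new `*args` on `run` are yielded into the sandboxed block exactly as the caller built them, taint state included, and nothing on the method documents that trust boundary. The spec added in this same release shows the consequence: a string the caller marked with `.untaint` is accepted by `eval` inside the block. I would put a comment above `run` such as `# args are yielded into the sandbox unchanged; anything passed untainted is treated as trusted by the block`, and write the call as `yield(*args)` so the splat cannot be read as a binary operator. Because `opts` stays the first positional parameter, a caller who writes `Secure.run(4, 2)` would presumably hand `4` to `Runner.new`; the comment should say that `{}` must be passed explicitly. The `Secure` module and its `class << self` body continue outside the hunk.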
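--- a/data/lib/secure/runner.rb
+++ b/data/lib/secure/runner.rb
@@ -17,7 +17,7 @@ module Secure
  guard_threads << GuardThread.kill_thread_on_timeout(@timeout, thread)
 
  thread.value
- rescue StandardError => e
+ rescue SecurityError, TimeoutError => e
  Response.error(e)
  ensure
  #guard_threads.each(&:exit!)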
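Review bot: The narrowed `rescue SecurityError, TimeoutError => e` no longer covers ordinary errors, so any other exception raised by the sandboxed block is re-raised by `thread.value` into the caller instead of coming back as `Response.error(e)`. For a runner whose job is to contain untrusted code, that lets the block choose which exception the host has to handle. If the intent was only to add `SecurityError` (which is not a `StandardError` on newer Rubies), keep the old coverage as well: `rescue SecurityError, TimeoutError, StandardError => e`. The bare `TimeoutError` is resolved by constant lookup inside `module Secure`; writing `Secure::TimeoutError`, as the spec does, would make it explicit which class is meant. The method containing this `rescue` starts and ends outside the hunk.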
@@ -1,3 +1,3 @@
1
1
  module Secure
2
- VERSION = "0.0.2"
2
+ VERSION = "0.0.3"
3
3
  end
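--- a/data/spec/secure_spec.rb
+++ b/data/spec/secure_spec.rb
@@ -7,48 +7,80 @@ describe Secure do
  response.value.should == 8
  end
 
- it "should not allow an eval to be called" do
+ it "should kill all threads after running" do
  response = Secure.ly do
- eval "45"
+ 10
  end
- response.should_not be_success
- response.error.should be_a(SecurityError)
+ response.should be_success
+ Thread.list.should have(1).things
  end
 
- it "should not allow system calls" do
- response = Secure.ly do
- system("echo hi")
+ it "should take parameters" do
+ response = Secure.ly({}, 4, 2) do |a, b|
+ a + b
  end
- response.should_not be_success
- response.error.should be_a(SecurityError)
+ response.should be_success
+ response.value.should == 6
  end
 
- it "should have safe value set" do
- response = Secure.ly do
- $SAFE
+ context "safe value" do
+ it "should be set to 3" do
+ response = Secure.ly do
+ $SAFE
+ end
+ response.should be_success
+ response.value.should == 3
  end
- response.should be_success
- response.value.should == 3
- end
 
- it "should not have affected the global safe value" do
- response = Secure.ly {}
- response.should be_success
- $SAFE.should == 0
+ it "should not be affected in the parent thread" do
+ response = Secure.ly {}
+ response.should be_success
+ $SAFE.should == 0
+ end
  end
 
- it "should kill infinite loops" do
- response = Secure.ly :timeout => 0.005 do
- while true; end
+ context "security violations" do
+ it "should not allow an eval to be called" do
+ response = Secure.ly do
+ eval "45"
+ end
+ response.should_not be_success
+ response.error.should be_a(SecurityError)
+ end
+
+ it "should not allow system calls" do
+ response = Secure.ly do
+ system("echo hi")
+ end
+ response.should_not be_success
+ response.error.should be_a(SecurityError)
+ end
+
+ it "should kill infinite loops" do
+ response = Secure.ly :timeout => 0.005 do
+ while true; end
+ end
+ response.should_not be_success
+ response.error.should be_a(Secure::TimeoutError)
+ end
+
+ it "should not be able to open a file" do
+ response = Secure.ly do
+ File.open("/etc/passwd")
+ end
+ response.should_not be_success
+ response.error.should be_a(SecurityError)
  end
- response.should_not be_success
- response.error.should be_a(Secure::TimeoutError)
  end
 
- it "should kill all threads after running" do
- Secure.ly do
- 10
+ context "allowed syntax" do
+ it "should allow eval on an untainted string" do
+ string = "45".untaint
+ response = Secure.ly({}, string) do |str|
+ eval(str)
+ end
+ response.should be_success
+ response.value.should == 45
  end
- Thread.list.should have(1).things
  end
  end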
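Review bot: The new `allowed syntax` context pins only the permissive half of argument passing, namely that a string the caller untainted reaches `eval`. Nothing pins the refusing half, so a later change that let tainted arguments through would pass this suite. I would add the mirror-image example to `security violations`, expecting a `SecurityError` response for a tainted argument at the `$SAFE` level of 3 that the suite asserts elsewhere. The enclosing `describe Secure` block starts outside the hunk.

```ruby
# … unchanged: existing "security violations" examples …
it "should not allow eval on a tainted argument" do
  string = "45".taint
  response = Secure.ly({}, string) do |str|
    eval(str)
  end
  response.should_not be_success
  response.error.should be_a(SecurityError)
end
```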
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure
3
3
  version: !ruby/object:Gem::Version
4
- hash: 27
4
+ hash: 25
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 0
9
- - 2
10
- version: 0.0.2
9
+ - 3
10
+ version: 0.0.3
11
11
  platform: ruby
12
12
  authors:
13
13
  - Tejas Dinkar
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-08-28 00:00:00 +05:30
18
+ date: 2011-08-29 00:00:00 +05:30
19
19
  default_executable:
20
20
  dependencies: []
21
21