secure 0.3.0 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -6,6 +6,8 @@ module Secure
6
6
  read_file.close
7
7
  @pipe = write_file
8
8
  @timeout = opts[:timeout]
9
+ @limit_memory = opts[:limit_memory]
10
+ @limit_cpu = opts[:limit_cpu]
9
11
  end
10
12
 
11
13
  def guard_threads
@@ -13,6 +15,8 @@ module Secure
13
15
  end
14
16
 
15
17
  def safely_run_block
18
+ Process::setrlimit(Process::RLIMIT_AS, @limit_memory) if @limit_memory
19
+ Process::setrlimit(Process::RLIMIT_CPU, @limit_cpu, 2 + @limit_cpu) if @limit_cpu
16
20
  thread = Thread.start do
17
21
  $SAFE=3
18
22
  yield
data/lib/secure/errors.rb CHANGED
@@ -1,4 +1,7 @@
1
1
  module Secure
2
2
  class TimeoutError < StandardError
3
3
  end
4
+
5
+ class ChildKilledError < StandardError
6
+ end
4
7
  end
@@ -9,6 +9,8 @@ module Secure
9
9
 
10
10
  def execute
11
11
  Marshal.load(Base64.decode64(@pipe.read))
12
+ rescue
13
+ Response.error(ChildKilledError.new("Child has been killed without returning"))
12
14
  end
13
15
  end
14
16
  end
@@ -1,3 +1,3 @@
1
1
  module Secure
2
- VERSION = "0.3.0"
2
+ VERSION = "0.4.0"
3
3
  end
@@ -65,6 +65,26 @@ module Secure
65
65
  response.error.should be_a(Secure::TimeoutError)
66
66
  end
67
67
 
68
+ if RUBY_PLATFORM =~ /darwin/
69
+ pending "should kill a process with too much memory (does not work on OSX)"
70
+ else
71
+ it "should kill a process with too much memory on linux" do
72
+ response = Runner.new(:limit_memory => 10 * 1024).run do
73
+ 'a' * 10 * 1024
74
+ end
75
+ response.should_not be_success
76
+ response.error.should be_a(NoMemoryError)
77
+ end
78
+ end
79
+
80
+ it "kills a process using too much cpu" do
81
+ response = Runner.new(:limit_cpu => 1).run do
82
+ while true; end
83
+ end
84
+ response.should_not be_success
85
+ response.error.should be_a(Secure::ChildKilledError)
86
+ end
87
+
68
88
  it "should not be able to open a file" do
69
89
  response = Runner.new.run do
70
90
  File.open("/etc/passwd")
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure
3
3
  version: !ruby/object:Gem::Version
4
- hash: 19
4
+ hash: 15
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
- - 3
8
+ - 4
9
9
  - 0
10
- version: 0.3.0
10
+ version: 0.4.0
11
11
  platform: ruby
12
12
  authors:
13
13
  - Tejas Dinkar
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-09-02 00:00:00 +05:30
18
+ date: 2011-09-05 00:00:00 +05:30
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency