secure 1.1.0 → 1.1.1
- data/README.md +2 -1
- data/lib/secure/child_process.rb +3 -1
- data/lib/secure/version.rb +1 -1
- data/spec/secure/runner_spec.rb +14 -0
- metadata +5 -5
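--- a/data/README.md
+++ b/data/README.md
@@ -39,6 +39,7 @@ Options:
 * :pipe_stdin, :pipe_stdout, :pipe_stderr => A File to pipe the stdin, out ond stderr to
 * :safe => An integer that represents the new safe mode (default 3)
 * :limit_files => Maximum file descriptor the block can open. If you want to say no files, set this to 0
+* :limit_procs => Maximum number of processes that the user can create. Set this to 0 if you want to ensure no one forks
 
 Errors:
 =======
@@ -57,7 +58,7 @@ How Does it work:
 
 Known Issues:
 =============
-* :limit_memory does not work on OSX (at least whatever version I use), but it does work on linux
+* :limit_memory and :limit_procs does not work on OSX (at least whatever version I use), but it does work on linux
 * :pipe_stdout is not tested because of some rspec weirdness
 * A block bound before $SAFE is set sees the old safe value. Refer to this for some clue about the reason why this happens: http://blog.sidu.in/2007/11/ruby-blocks-gotchas.html
 * Stdout cannot be piped to a StringIO. You need to open a unix PIPE. There are two reasons for this. The code runs in a child process, so you need to use and IPC mechanism, and a string IO is not recognized as a file at the C level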
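--- a/data/lib/secure/child_process.rb
+++ b/data/lib/secure/child_process.rb
@@ -8,12 +8,13 @@ module Secure
 @timeout = opts[:timeout]
 @limit_memory = opts[:limit_memory]
 @limit_cpu = opts[:limit_cpu]
+@limit_files = opts[:limit_files]
+@limit_procs = opts[:limit_procs]
 @pipe_stdout = opts[:pipe_stdout]
 @pipe_stderr = opts[:pipe_stderr]
 @pipe_stdin = opts[:pipe_stdin]
 @run_before = opts[:run_before]
 @safe_value = opts[:safe] || 3
-@limit_files = opts[:limit_files]
 end
 
 def guard_threads
@@ -24,6 +25,7 @@ module Secure
 Process::setrlimit(Process::RLIMIT_AS, @limit_memory) if @limit_memory
 Process::setrlimit(Process::RLIMIT_CPU, @limit_cpu, 2 + @limit_cpu) if @limit_cpu
 Process::setrlimit(Process::RLIMIT_NOFILE, @limit_files, @limit_files) if @limit_files
+Process::setrlimit(Process::RLIMIT_NPROC, @limit_procs, @limit_procs) if @limit_procs
 end
 
 def redirect_files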
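Review bot: The added `Process::setrlimit(Process::RLIMIT_NPROC, ...)` line in the second hunk caps the process count of the whole real user ID rather than of this child alone, and on Linux the kernel does not enforce that limit for privileged processes (root, or a process holding CAP_SYS_RESOURCE or CAP_SYS_ADMIN). A runner started as root would therefore get no fork protection from `:limit_procs`, and any value above 0 depends on how many processes that user already has running. I would add a comment above the line, `# RLIMIT_NPROC is per real UID and is not enforced for privileged processes; run the child as an unprivileged user`. The enclosing method starts before the hunk, so whether privileges are dropped earlier is not visible here.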
data/lib/secure/version.rb
CHANGED
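--- a/data/spec/secure/runner_spec.rb
+++ b/data/spec/secure/runner_spec.rb
@@ -94,7 +94,9 @@ module Secure
 
 if RUBY_PLATFORM =~ /darwin/
 pending "should kill a process with too much memory (does not work on OSX)"
+pending "kills a process trying to fork (does not work on OSX)"
 else
+
 it "should kill a process with too much memory on linux" do
 response = Runner.new(:limit_memory => 10 * 1024).run do
 'a' * 10 * 1024
@@ -102,6 +104,17 @@ module Secure
 response.should_not be_success
 response.error.should be_a(NoMemoryError)
 end
+
+it "kills a process trying to fork" do
+response = Runner.new(:safe => 0, :limit_procs => 0).run do
+fork do
+exit
+end
+10
+end
+response.should_not be_success
+response.error.should be_a(ThreadError)
+end
 end
 
 it "kills a process using too much cpu" do
@@ -120,6 +133,7 @@ module Secure
 response.error.should be_a(Errno::EMFILE)
 end
 
+
 it "should not be able to open a file" do
 response = Runner.new.run do
 File.open("/etc/passwd")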
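Review bot: The new example "kills a process trying to fork" expects `ThreadError`, which is not what a refused `fork` normally raises (that would be `Errno::EAGAIN`), so it probably passes because Ruby cannot start a thread once `RLIMIT_NPROC` is 0; on Linux threads count against that limit. If that is the cause, the example does not show that `fork` itself is blocked, and it would behave differently when the suite runs as root, where the limit is not enforced. I would add a comment before the expectation, `# ThreadError: thread creation fails under RLIMIT_NPROC=0 (threads count as processes on Linux) - confirm this is the intended failure`, and also assert that the forked block never ran. The example passes `:safe => 0`, which switches off the $SAFE layer for this run; a one-line comment saying why would keep readers from copying that setting.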
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: secure
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -13,7 +13,7 @@ date: 2011-10-26 00:00:00.000000000Z
|
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rspec
|
16
|
-
requirement: &
|
16
|
+
requirement: &70151114884720 !ruby/object:Gem::Requirement
|
17
17
|
none: false
|
18
18
|
requirements:
|
19
19
|
- - ~>
|
@@ -21,10 +21,10 @@ dependencies:
|
|
21
21
|
version: '2.6'
|
22
22
|
type: :development
|
23
23
|
prerelease: false
|
24
|
-
version_requirements: *
|
24
|
+
version_requirements: *70151114884720
|
25
25
|
- !ruby/object:Gem::Dependency
|
26
26
|
name: rake
|
27
|
-
requirement: &
|
27
|
+
requirement: &70151114884300 !ruby/object:Gem::Requirement
|
28
28
|
none: false
|
29
29
|
requirements:
|
30
30
|
- - ! '>='
|
@@ -32,7 +32,7 @@ dependencies:
|
|
32
32
|
version: '0'
|
33
33
|
type: :development
|
34
34
|
prerelease: false
|
35
|
-
version_requirements: *
|
35
|
+
version_requirements: *70151114884300
|
36
36
|
description: see summary
|
37
37
|
email:
|
38
38
|
- tejas@gja.in
|