secure 1.1.0 → 1.1.1
- data/README.md +2 -1
- data/lib/secure/child_process.rb +3 -1
- data/lib/secure/version.rb +1 -1
- data/spec/secure/runner_spec.rb +14 -0
- metadata +5 -5
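--- a/data/README.md
+++ b/data/README.md
@@ -39,6 +39,7 @@ Options:
 * :pipe_stdin, :pipe_stdout, :pipe_stderr => A File to pipe the stdin, out ond stderr to
 * :safe => An integer that represents the new safe mode (default 3)
 * :limit_files => Maximum file descriptor the block can open. If you want to say no files, set this to 0
+* :limit_procs => Maximum number of processes that the user can create. Set this to 0 if you want to ensure no one forks
 
 Errors:
 =======
@@ -57,7 +58,7 @@ How Does it work:
 
 Known Issues:
 =============
-* :limit_memory does not work on OSX (at least whatever version I use), but it does work on linux
+* :limit_memory and :limit_procs does not work on OSX (at least whatever version I use), but it does work on linux
 * :pipe_stdout is not tested because of some rspec weirdness
 * A block bound before $SAFE is set sees the old safe value. Refer to this for some clue about the reason why this happens: http://blog.sidu.in/2007/11/ruby-blocks-gotchas.html
 * Stdout cannot be piped to a StringIO. You need to open a unix PIPE. There are two reasons for this. The code runs in a child process, so you need to use and IPC mechanism, and a string IO is not recognized as a file at the C level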
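--- a/data/lib/secure/child_process.rb
+++ b/data/lib/secure/child_process.rb
@@ -8,12 +8,13 @@ module Secure
 @timeout = opts[:timeout]
 @limit_memory = opts[:limit_memory]
 @limit_cpu = opts[:limit_cpu]
+@limit_files = opts[:limit_files]
+@limit_procs = opts[:limit_procs]
 @pipe_stdout = opts[:pipe_stdout]
 @pipe_stderr = opts[:pipe_stderr]
 @pipe_stdin = opts[:pipe_stdin]
 @run_before = opts[:run_before]
 @safe_value = opts[:safe] || 3
-@limit_files = opts[:limit_files]
 end
 
 def guard_threads
@@ -24,6 +25,7 @@ module Secure
 Process::setrlimit(Process::RLIMIT_AS, @limit_memory) if @limit_memory
 Process::setrlimit(Process::RLIMIT_CPU, @limit_cpu, 2 + @limit_cpu) if @limit_cpu
 Process::setrlimit(Process::RLIMIT_NOFILE, @limit_files, @limit_files) if @limit_files
+Process::setrlimit(Process::RLIMIT_NPROC, @limit_procs, @limit_procs) if @limit_procs
 end
 
 def redirect_files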
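Review bot: The added `Process::setrlimit(Process::RLIMIT_NPROC, @limit_procs, @limit_procs) if @limit_procs` gives a weaker guarantee than the option name suggests, and nothing in the hunk documents that. On Linux RLIMIT_NPROC counts every process and thread owned by the real user ID rather than the children of this one process, and it is not enforced for privileged processes (root, or CAP_SYS_RESOURCE), so whether `:limit_procs => 0` stops a fork depends on the account the child runs as; no privilege drop is visible here. I would put a comment above the line, for example `# RLIMIT_NPROC is per real UID (threads included) and is not enforced for root; run the child as an unprivileged user`. Since the README in this release says the limit does not work on OSX, the option also fails open there; consider failing closed with `raise NotImplementedError, ':limit_procs is not enforced on this platform' if @limit_procs && RUBY_PLATFORM =~ /darwin/`. The enclosing method starts above the hunk, so its name and any earlier checks are not visible.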
data/lib/secure/version.rb
CHANGED
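--- a/data/spec/secure/runner_spec.rb
+++ b/data/spec/secure/runner_spec.rb
@@ -94,7 +94,9 @@ module Secure
 
 if RUBY_PLATFORM =~ /darwin/
 pending "should kill a process with too much memory (does not work on OSX)"
+pending "kills a process trying to fork (does not work on OSX)"
 else
+
 it "should kill a process with too much memory on linux" do
 response = Runner.new(:limit_memory => 10 * 1024).run do
 'a' * 10 * 1024
@@ -102,6 +104,17 @@ module Secure
 response.should_not be_success
 response.error.should be_a(NoMemoryError)
 end
+
+it "kills a process trying to fork" do
+response = Runner.new(:safe => 0, :limit_procs => 0).run do
+fork do
+exit
+end
+10
+end
+response.should_not be_success
+response.error.should be_a(ThreadError)
+end
 end
 
 it "kills a process using too much cpu" do
@@ -120,6 +133,7 @@ module Secure
 response.error.should be_a(Errno::EMFILE)
 end
 
+
 it "should not be able to open a file" do
 response = Runner.new.run do
 File.open("/etc/passwd")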
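Review bot: The new example `kills a process trying to fork` asserts `response.error.should be_a(ThreadError)`, which does not show that the `fork` call is what the limit blocked. A refused fork would normally surface as an Errno error, and on Linux threads count against RLIMIT_NPROC, so the ThreadError may come from a thread the runner itself starts in the child (the library has a `guard_threads` step), in which case the block may never run. I would add a comment such as `# ThreadError: thread creation in the child hits RLIMIT_NPROC before fork is reached (confirm)` and a second example with a non-zero limit. The example also passes `:safe => 0`, so the default safe level is never exercised together with `:limit_procs`. It will behave differently when the suite runs as root, where the kernel does not enforce the limit.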
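--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: secure
 version: !ruby/object:Gem::Version
-version: 1.1.
+version: 1.1.1
 prerelease:
 platform: ruby
 authors:
@@ -13,7 +13,7 @@ date: 2011-10-26 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rspec
-requirement: &
+requirement: &70151114884720 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ~>
@@ -21,10 +21,10 @@ dependencies:
 version: '2.6'
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *70151114884720
 - !ruby/object:Gem::Dependency
 name: rake
-requirement: &
+requirement: &70151114884300 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -32,7 +32,7 @@ dependencies:
 version: '0'
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *70151114884300
 description: see summary
 email:
 - tejas@gja.in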