secure 1.1.2 → 1.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -23,9 +23,9 @@ module Secure
23
23
 
24
24
  def set_resource_limits
25
25
  Process::setrlimit(Process::RLIMIT_AS, @limit_memory) if @limit_memory
26
- Process::setrlimit(Process::RLIMIT_CPU, @limit_cpu, 2 + @limit_cpu) if @limit_cpu
26
+ Process::setrlimit(Process::RLIMIT_CPU, @limit_cpu, 1 + @limit_cpu) if @limit_cpu
27
27
  Process::setrlimit(Process::RLIMIT_NOFILE, @limit_files, @limit_files) if @limit_files
28
- #Process::setrlimit(Process::RLIMIT_NPROC, @limit_procs, @limit_procs) if @limit_procs
28
+ Process::setrlimit(Process::RLIMIT_NPROC, @limit_procs, @limit_procs) if @limit_procs
29
29
  end
30
30
 
31
31
  def redirect_files
@@ -43,15 +43,21 @@ module Secure
43
43
  end
44
44
  end
45
45
 
46
- def safely_run_block
46
+ def secure_process
47
+ run_before_methods
47
48
  set_resource_limits
49
+ $SAFE = @safe_value
50
+ end
51
+
52
+ def safely_run_block
48
53
  redirect_files
49
54
  thread = Thread.start do
50
- run_before_methods
51
- $SAFE = @safe_value
55
+ sleep
56
+ secure_process
52
57
  yield
53
58
  end
54
59
  decorate_with_guard_threads(thread)
60
+ thread.wakeup
55
61
  Response.success(thread.value)
56
62
  rescue Exception => e
57
63
  Response.error(e)
@@ -1,3 +1,3 @@
1
1
  module Secure
2
- VERSION = "1.1.2"
2
+ VERSION = "1.1.3"
3
3
  end
@@ -89,40 +89,36 @@ module Secure
89
89
  while true; end
90
90
  end
91
91
  response.should_not be_success
92
- response.error.should be_a(Secure::TimeoutError)
92
+ response.error.should be_a(TimeoutError)
93
93
  end
94
94
 
95
- if RUBY_PLATFORM =~ /darwin/
96
- pending "should kill a process with too much memory (does not work on OSX)"
97
- pending "kills a process trying to fork (does not work on OSX)"
98
- else
99
-
100
- it "should kill a process with too much memory on linux" do
101
- response = Runner.new(:limit_memory => 10 * 1024).run do
102
- 'a' * 10 * 1024
103
- end
104
- response.should_not be_success
105
- response.error.should be_a(NoMemoryError)
95
+ it "kills a process using too much cpu" do
96
+ response = Runner.new(:limit_cpu => 1).run do
97
+ while true; end
106
98
  end
99
+ response.should_not be_success
100
+ response.error.should be_a(ChildKilledError)
101
+ end
107
102
 
108
- it "kills a process trying to fork" do
109
- response = Runner.new(:safe => 0, :limit_procs => 0).run do
110
- fork do
111
- exit
112
- end
113
- 10
114
- end
115
- response.should_not be_success
116
- response.error.should be_a(ThreadError)
103
+ it "should kill a process with too much memory" do
104
+ except_on_OSX
105
+ response = Runner.new(:limit_memory => 1024 * 1024).run do
106
+ 'a' * 1024 * 1024
117
107
  end
108
+ response.should_not be_success
109
+ response.error.should be_a(ChildKilledError)
118
110
  end
119
111
 
120
- it "kills a process using too much cpu" do
121
- response = Runner.new(:limit_cpu => 1).run do
122
- while true; end
112
+ it "kills a process trying to fork" do
113
+ except_on_OSX
114
+ response = Runner.new(:safe => 0, :limit_procs => 0).run do
115
+ fork do
116
+ exit
117
+ end
118
+ 10
123
119
  end
124
120
  response.should_not be_success
125
- response.error.should be_a(Secure::ChildKilledError)
121
+ response.error.should be_a(ChildKilledError)
126
122
  end
127
123
 
128
124
  it "kills a process running trying to open a file" do
@@ -204,14 +200,15 @@ module Secure
204
200
  read_file.read.should == "\"foobar\"\n"
205
201
  end
206
202
 
207
- # This is pending because of some rspec wierdness that readline reads the first line of spec fil
208
- pending "redirects standard input" do
209
- write_file.puts "foobar"
210
- write_file.close
211
- response = Runner.new(:pipe_stdin => read_file).run do
212
- readline
203
+ it "redirects standard input" do
204
+ pending "this does not work due to some rspec wierdness" do
205
+ write_file.puts "foobar"
206
+ write_file.close
207
+ response = Runner.new(:pipe_stdin => read_file).run do
208
+ readline
209
+ end
210
+ response.value.should == "foobar\n"
213
211
  end
214
- response.value.should == "foobar\n"
215
212
  end
216
213
  end
217
214
  end
@@ -1 +1,5 @@
1
1
  require 'secure'
2
+
3
+ def except_on_OSX
4
+ pending "does not work on OSX" if RUBY_PLATFORM =~ /darwin/
5
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.2
4
+ version: 1.1.3
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -13,7 +13,7 @@ date: 2011-10-27 00:00:00.000000000Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rspec
16
- requirement: &70115111977220 !ruby/object:Gem::Requirement
16
+ requirement: &70139064843180 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ~>
@@ -21,10 +21,10 @@ dependencies:
21
21
  version: '2.6'
22
22
  type: :development
23
23
  prerelease: false
24
- version_requirements: *70115111977220
24
+ version_requirements: *70139064843180
25
25
  - !ruby/object:Gem::Dependency
26
26
  name: rake
27
- requirement: &70115111976800 !ruby/object:Gem::Requirement
27
+ requirement: &70139064842760 !ruby/object:Gem::Requirement
28
28
  none: false
29
29
  requirements:
30
30
  - - ! '>='
@@ -32,7 +32,7 @@ dependencies:
32
32
  version: '0'
33
33
  type: :development
34
34
  prerelease: false
35
- version_requirements: *70115111976800
35
+ version_requirements: *70139064842760
36
36
  description: see summary
37
37
  email:
38
38
  - tejas@gja.in