secure 0.0.2 → 0.0.3

data/lib/secure.rb

@@ -6,9 +6,9 @@ require "secure/runner"
 
 module Secure
   class << self
-    def run(opts = {})
+    def run(opts = {}, *args)
       Runner.new(opts).run do
-        yield
+        yield *args
       end
     end
 

data/lib/secure/runner.rb

@@ -17,7 +17,7 @@ module Secure
       guard_threads << GuardThread.kill_thread_on_timeout(@timeout, thread)
 
       thread.value
-    rescue StandardError => e
+    rescue SecurityError, TimeoutError => e
       Response.error(e)
     ensure
       #guard_threads.each(&:exit!)

data/lib/secure/version.rb

@@ -1,3 +1,3 @@
 module Secure
-  VERSION = "0.0.2"
+  VERSION = "0.0.3"
 end

data/spec/secure_spec.rb

@@ -7,48 +7,80 @@ describe Secure do
     response.value.should == 8
   end
 
-  it "should not allow an eval to be called" do
+  it "should kill all threads after running" do
     response = Secure.ly do
-      eval "45"
+      10
     end
-    response.should_not be_success
-    response.error.should be_a(SecurityError)
+    response.should be_success
+    Thread.list.should have(1).things
   end
 
-  it "should not allow system calls" do
-    response = Secure.ly do
-      system("echo hi")
+  it "should take parameters" do
+    response = Secure.ly({}, 4, 2) do |a, b|
+      a + b
     end
-    response.should_not be_success
-    response.error.should be_a(SecurityError)
+    response.should be_success
+    response.value.should == 6
   end
 
-  it "should have safe value set" do
-    response = Secure.ly do
-      $SAFE
+  context "safe value" do
+    it "should be set to 3" do
+      response = Secure.ly do
+        $SAFE
+      end
+      response.should be_success
+      response.value.should == 3
     end
-    response.should be_success
-    response.value.should == 3
-  end
 
-  it "should not have affected the global safe value" do
-    response = Secure.ly {}
-    response.should be_success
-    $SAFE.should == 0
+    it "should not be affected in the parent thread" do
+      response = Secure.ly {}
+      response.should be_success
+      $SAFE.should == 0
+    end
   end
 
-  it "should kill infinite loops" do
-    response = Secure.ly :timeout => 0.005 do
-      while true; end
+  context "security violations" do
+    it "should not allow an eval to be called" do
+      response = Secure.ly do
+        eval "45"
+      end
+      response.should_not be_success
+      response.error.should be_a(SecurityError)
+    end
+
+    it "should not allow system calls" do
+      response = Secure.ly do
+        system("echo hi")
+      end
+      response.should_not be_success
+      response.error.should be_a(SecurityError)
+    end
+
+    it "should kill infinite loops" do
+      response = Secure.ly :timeout => 0.005 do
+        while true; end
+      end
+      response.should_not be_success
+      response.error.should be_a(Secure::TimeoutError)
+    end
+
+    it "should not be able to open a file" do
+      response = Secure.ly do
+        File.open("/etc/passwd")
+      end
+      response.should_not be_success
+      response.error.should be_a(SecurityError)
     end
-    response.should_not be_success
-    response.error.should be_a(Secure::TimeoutError)
   end
 
-  it "should kill all threads after running" do
-    Secure.ly do
-      10
+  context "allowed syntax" do
+    it "should allow eval on an untainted string" do
+      string = "45".untaint
+      response = Secure.ly({}, string) do |str|
+        eval(str)
+      end
+      response.should be_success
+      response.value.should == 45
     end
-    Thread.list.should have(1).things
   end
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: secure
 version: !ruby/object:Gem::Version 
-  hash: 27
+  hash: 25
   prerelease: 
   segments: 
   - 0
   - 0
-  - 2
-  version: 0.0.2
+  - 3
+  version: 0.0.3
 platform: ruby
 authors: 
 - Tejas Dinkar
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-08-28 00:00:00 +05:30
+date: 2011-08-29 00:00:00 +05:30
 default_executable: 
 dependencies: []