secure 1.1.2 → 1.1.3

data/lib/secure/child_process.rb

@@ -23,9 +23,9 @@ module Secure
 
     def set_resource_limits
       Process::setrlimit(Process::RLIMIT_AS, @limit_memory) if @limit_memory
-      Process::setrlimit(Process::RLIMIT_CPU, @limit_cpu, 2 + @limit_cpu) if @limit_cpu
+      Process::setrlimit(Process::RLIMIT_CPU, @limit_cpu, 1 + @limit_cpu) if @limit_cpu
       Process::setrlimit(Process::RLIMIT_NOFILE, @limit_files, @limit_files) if @limit_files
-      #Process::setrlimit(Process::RLIMIT_NPROC, @limit_procs, @limit_procs) if @limit_procs
+      Process::setrlimit(Process::RLIMIT_NPROC, @limit_procs, @limit_procs) if @limit_procs
     end
 
     def redirect_files
@@ -43,15 +43,21 @@ module Secure
       end
     end
 
-    def safely_run_block
+    def secure_process
+      run_before_methods
       set_resource_limits
+      $SAFE = @safe_value
+    end
+
+    def safely_run_block
       redirect_files
       thread = Thread.start do
-        run_before_methods
-        $SAFE = @safe_value
+        sleep
+        secure_process
         yield
       end
       decorate_with_guard_threads(thread)
+      thread.wakeup
       Response.success(thread.value)
     rescue Exception => e
       Response.error(e)

data/lib/secure/version.rb

@@ -1,3 +1,3 @@
 module Secure
-  VERSION = "1.1.2"
+  VERSION = "1.1.3"
 end

data/spec/secure/runner_spec.rb

@@ -89,40 +89,36 @@ module Secure
           while true; end
         end
         response.should_not be_success
-        response.error.should be_a(Secure::TimeoutError)
+        response.error.should be_a(TimeoutError)
       end
 
-      if RUBY_PLATFORM =~ /darwin/
-        pending "should kill a process with too much memory (does not work on OSX)"
-        pending "kills a process trying to fork (does not work on OSX)"
-      else
-
-        it "should kill a process with too much memory on linux" do
-          response = Runner.new(:limit_memory => 10 * 1024).run do
-            'a' * 10 * 1024
-          end
-          response.should_not be_success
-          response.error.should be_a(NoMemoryError)
+      it "kills a process using too much cpu" do
+        response = Runner.new(:limit_cpu => 1).run do
+          while true; end
         end
+        response.should_not be_success
+        response.error.should be_a(ChildKilledError)
+      end
 
-        it "kills a process trying to fork" do
-          response = Runner.new(:safe => 0, :limit_procs => 0).run do
-            fork do
-              exit
-            end
-            10
-          end
-          response.should_not be_success
-          response.error.should be_a(ThreadError)
+      it "should kill a process with too much memory" do
+        except_on_OSX
+        response = Runner.new(:limit_memory => 1024 * 1024).run do
+          'a' * 1024 * 1024
         end
+        response.should_not be_success
+        response.error.should be_a(ChildKilledError)
       end
 
-      it "kills a process using too much cpu" do
-        response = Runner.new(:limit_cpu => 1).run do
-          while true; end
+      it "kills a process trying to fork" do
+        except_on_OSX
+        response = Runner.new(:safe => 0, :limit_procs => 0).run do
+          fork do
+            exit
+          end
+          10
         end
         response.should_not be_success
-        response.error.should be_a(Secure::ChildKilledError)
+        response.error.should be_a(ChildKilledError)
       end
 
       it "kills a process running trying to open a file" do
@@ -204,14 +200,15 @@ module Secure
         read_file.read.should == "\"foobar\"\n"
       end
 
-      # This is pending because of some rspec wierdness that readline reads the first line of spec fil
-      pending "redirects standard input" do
-        write_file.puts "foobar"
-        write_file.close
-        response = Runner.new(:pipe_stdin => read_file).run do
-          readline
+      it "redirects standard input" do
+        pending "this does not work due to some rspec wierdness" do
+          write_file.puts "foobar"
+          write_file.close
+          response = Runner.new(:pipe_stdin => read_file).run do
+            readline
+          end
+          response.value.should == "foobar\n"
         end
-        response.value.should == "foobar\n"
       end
     end
   end

data/spec/spec_helper.rb

@@ -1 +1,5 @@
 require 'secure'
+
+def except_on_OSX
+  pending "does not work on OSX" if RUBY_PLATFORM =~ /darwin/
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: secure
 version: !ruby/object:Gem::Version
-  version: 1.1.2
+  version: 1.1.3
   prerelease: 
 platform: ruby
 authors:
@@ -13,7 +13,7 @@ date: 2011-10-27 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &70115111977220 !ruby/object:Gem::Requirement
+  requirement: &70139064843180 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,10 +21,10 @@ dependencies:
         version: '2.6'
   type: :development
   prerelease: false
-  version_requirements: *70115111977220
+  version_requirements: *70139064843180
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70115111976800 !ruby/object:Gem::Requirement
+  requirement: &70139064842760 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,7 +32,7 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70115111976800
+  version_requirements: *70139064842760
 description: see summary
 email:
 - tejas@gja.in