shikashi 0.2.0 → 0.3.0

data/AUTHORS

@@ -1,3 +1,7 @@
 shikashi de tario <rseminara@hotmail.com>
+	- Roberto Dario Seminara
+
+Thanks to:
+	- Stellard for the contribution with the backstick and percent security bypass test ( test/security/test_system_calls.rb )
 
 

data/CHANGELOG

@@ -1,4 +1,8 @@
-0.2.0	Added control to the access to constants and global variables (See documentation)
+0.2.0	shikashi HookHandler opened to allow use it in nested hook handlers
+
+		Added restriction to avoid the system calls when using %x[] and ``
+
+		Added control over the access to constants and global variables (See documentation)
 
 		Remove rallhook dependency, replaced by getsource
 

data/README

@@ -138,9 +138,6 @@ define a class from inside the sandbox and use it from outside
 	# allow execution of print
 	priv.allow_method :print
 
-	# allow definition of classes
-	priv.allow_class_definitions
-
 	#inside the sandbox, only can use method foo on main and method times on instances of Fixnum
 	s.run(priv, '
 	class X
@@ -154,48 +151,51 @@ define a class from inside the sandbox and use it from outside
 	end
 	')
 
-	# run privileged code in the sandbox, if not, the methods defined in the sandbox are invisible from outside
-	s.run do
-		x = X.new
-		x.foo
-		begin
+	x = s.base_namespace::X.new
+	x.foo
+	begin
 		x.bar
-		rescue SecurityError => e
-			print "x.bar failed due security errors: #{e}\n"
-		end
+	rescue SecurityError => e
+		print "x.bar failed due security errors: #{e}\n"
 	end
+	
 
-
-=== Redirection feature example
-
-Simple redirection of method, the method foo is replaced by TestWrapper::call
+=== Base namespace
 
 	require "rubygems"
 	require "shikashi"
 
-	class TestWrapper < Shikashi::Sandbox::MethodWrapper
-	  def call(*args)
-	    print "called foo from source: #{source}, arguments: #{args.inspect} \n"
-	    original_call(*args)
-	  end
+	include Shikashi
+
+	module SandboxModule
 	end
 
 	class X
-	  def foo
-	    print "original foo\n"
-	  end
+		def foo
+			print "X#foo\n"
+		end
 	end
 
-	s = Shikashi::Sandbox.new
-	perm = Shikashi::Privileges.new
+	s = Sandbox.new
+	priv = Privileges.new
+	priv.allow_method :print
 
-	perm.object(X).allow :new
-	perm.instances_of(X).allow :foo
+	s.run( "
+	  class ::X
+		def foo
+			print \"foo defined inside the sandbox\\n\"
+		end
+	  end
+	  ", priv, :base_namespace => SandboxModule)
+	  
+
+	x = X.new # X class is not affected by the sandbox (The X Class defined in the sandbox is SandboxModule::X)
+	x.foo
+
+	x = SandboxModule::X.new
+	x.foo
 
-	# redirect calls to foo to TestWrapper
-	perm.instances_of(X).redirect :foo, TestWrapper
 
-	s.run(perm,"X.new.foo")
 
 === Timeout example
 
@@ -208,8 +208,8 @@ Simple redirection of method, the method foo is replaced by TestWrapper::call
 	perm.allow_method :sleep
 
 	s.run(perm,"sleep 3", :timeout => 2) # raise Shikashi::Timeout::Error after 2 seconds
-	
-	
+
+
 == Copying
 
-Copyright (c) 2010 Dario Seminara, released under the GPL License (see LICENSE)
+Copyright (c) 2010-2011 Dario Seminara, released under the GPL License (see LICENSE)

data/Rakefile

@@ -6,14 +6,15 @@ require 'rake/gempackagetask'
 
 spec = Gem::Specification.new do |s|
   s.name = 'shikashi'
-  s.version = '0.2.0'
+  s.version = '0.3.0'
   s.author = 'Dario Seminara'
   s.email = 'robertodarioseminara@gmail.com'
   s.platform = Gem::Platform::RUBY
-  s.summary = 'shikashi is a ruby sandbox that permits the execution of "unprivileged" scripts by defining the permitted methods and constants the scripts can invoke (I.E., the script cannot use the File class or a RoR Model Class unless that permission is specified) "well done version" of ruby-arena-sanbox based on rallhook'
+  s.summary = 'shikashi is a ruby sandbox that permits the execution of "unprivileged" scripts by defining the permitted methods and constants the scripts can invoke with a white list logic'
   s.homepage = "http://github.com/tario/shikashi"
   s.add_dependency "evalhook", ">= 0.1.0"
   s.add_dependency "getsource", ">= 0.1.0"
+  s.add_dependency "evalmimic", ">= 0.1.0"
   s.has_rdoc = true
   s.extra_rdoc_files = [ 'README' ]
 #  s.rdoc_options << '--main' << 'README'

data/examples/basic/example.rb

@@ -7,8 +7,6 @@ include Shikashi
 s = Sandbox.new
 priv = Privileges.new
 
-priv.allow_method :singleton_method_added
-
 # allow execution of foo in this object
 priv.object(self).allow :foo
 
@@ -17,7 +15,7 @@ priv.object(self).allow :print
 
 #inside the sandbox, only can use method foo on main and method times on instances of Fixnum
 code = "
-def self.inside_foo(a)
+def inside_foo(a)
 	print 'inside_foo'
 	if (a)
 	system('ls -l') # denied
@@ -25,10 +23,7 @@ def self.inside_foo(a)
 end
 "
 
-s.run(priv, code)
+s.run(code, priv, :no_base_namespace => true)
 
-s.run do
 inside_foo(false)
-inside_foo(true) #SecurityError
-
-end
+#inside_foo(true) #SecurityError

data/examples/basic/example2.rb

@@ -20,5 +20,5 @@ priv.object(self).allow :foo
 priv.instances_of(Fixnum).allow :times
 
 #inside the sandbox, only can use method foo on main and method times on instances of Fixnum
-s.run(priv, "2.times do foo end")
+s.run(priv, "2.times do foo end", :no_base_namespace => true)
 

data/examples/basic/example3.rb

@@ -31,7 +31,6 @@ priv.object(X).allow :new
 # allow instance methods of X. Note that the method privileged_operations is not allowed
 priv.instances_of(X).allow :foo, :bar
 
-priv.allow_method :=== # for exception handling
 #inside the sandbox, only can use method foo on main and method times on instances of Fixnum
 s.run(priv, '
 x = X.new

data/examples/basic/example4.rb

@@ -11,9 +11,6 @@ priv = Privileges.new
 # allow execution of print
 priv.allow_method :print
 
-# allow singleton methods
-priv.allow_singleton_methods
-
 #inside the sandbox, only can use method foo on main and method times on instances of Fixnum
 s.run(priv, '
 module A
@@ -27,12 +24,10 @@ end
 ')
 
 # run privileged code in the sandbox, if not, the methods defined in the sandbox are invisible from outside
-s.run do
-	A.inside_foo(false)
-	begin
-	A.inside_foo(true)
-	rescue SecurityError => e
-		print "A.inside_foo(true) failed due security errors: #{e}\n"
-	end
+s.base_namespace::A.inside_foo(false)
+begin
+	s.base_namespace::A.inside_foo(true)
+rescue SecurityError => e
+	print "A.inside_foo(true) failed due security errors: #{e}\n"
 end
 

data/examples/basic/example5.rb

@@ -28,13 +28,11 @@ end
 ')
 
 # run privileged code in the sandbox, if not, the methods defined in the sandbox are invisible from outside
-s.run do
-	x = X.new
-	x.foo
-	begin
+x = s.base_namespace::X.new
+x.foo
+begin
 	x.bar
-	rescue SecurityError => e
-		print "x.bar failed due security errors: #{e}\n"
-	end
+rescue SecurityError => e
+	print "x.bar failed due security errors: #{e}\n"
 end
 

data/examples/basic/example7.rb

@@ -1,5 +1,3 @@
-# "hello world" from within the sandbox
-
 require "rubygems"
 require "shikashi"
 

data/examples/basic/example8.rb

@@ -0,0 +1,33 @@
+require "rubygems"
+require "shikashi"
+
+include Shikashi
+
+module SandboxModule
+end
+
+class X
+	def foo
+		print "X#foo\n"
+	end
+end
+
+s = Sandbox.new
+priv = Privileges.new
+priv.allow_method :print
+
+s.run( "
+  class ::X
+	def foo
+		print \"foo defined inside the sandbox\\n\"
+	end
+  end
+  ", priv, :base_namespace => SandboxModule)
+  
+
+x = X.new # X class is not affected by the sandbox (The X Class defined in the sandbox is SandboxModule::X)
+x.foo
+
+x = SandboxModule::X.new
+x.foo
+

data/lib/shikashi/privileges.rb

@@ -85,26 +85,6 @@ public
       @all = true
     end
 
-    def redirect(method_name, method_wrapper_class)
-      allow method_name
-      @redirect_hash[method_name] = method_wrapper_class
-    end
-
-    def handle_redirection(klass, recv, method_name, sandbox)
-      rclass = @redirect_hash[method_name.to_sym]
-
-      if rclass
-        if block_given?
-          rclass.redirect_handler(klass, recv, method_name, 0, sandbox) do |mh|
-            yield(mh)
-          end
-        else
-          rclass.redirect_handler(klass, recv, method_name, 0, sandbox)
-        end
-      else
-        nil
-      end
-    end
   end
 
   def initialize
@@ -191,21 +171,6 @@ public
     @allowed_methods << method_name
   end
 
-  def handle_redirection(klass, recv, method_name, sandbox)
-    if @last_allowed
-      if block_given?
-        @last_allowed.handle_redirection(klass, recv, method_name, sandbox) do |mh|
-          yield(mh)
-        end
-      else
-        @last_allowed.handle_redirection(klass, recv, method_name, sandbox)
-      end
-    else
-      nil
-    end
-
-  end
-
   def allow?(klass, recv, method_name, method_id)
 
     m = nil
@@ -285,6 +250,9 @@ public
     end
   end
 
+  def xstr_allowed?
+    @xstr_allowed
+  end
 
   def global_allowed?(varname)
     @allowed_globals.include? varname
@@ -294,6 +262,22 @@ public
     @allowed_consts.include? varname
   end
 
+  # defines the permissions needed to execute system calls from the script
+  #
+  # Example:
+  #
+  #   s = Sandbox.new
+  #   priv = Privileges.new
+  #
+  #   priv.allow_xstr
+  #
+  #   s.run(priv, '
+  #     %x[ls -l]
+  #   ')
+  def allow_xstr
+    @xstr_allowed = true
+  end
+
   # defines the permissions needed to create or change a global variable
   #
   # Example:

data/lib/shikashi/sandbox.rb

@@ -24,6 +24,7 @@ require "shikashi/privileges"
 require "shikashi/pick_argument"
 require "getsource"
 require "timeout"
+require "evalmimic"
 
 module Shikashi
 
@@ -67,6 +68,8 @@ module Shikashi
 #Binding of execution, the default is a binding in a global context allowing the definition of module of classes
     attr_reader :chain
 
+    attr_reader :hook_handler
+
 #
 # Generate a random source file name for the sandbox, used internally
 #
@@ -78,7 +81,6 @@ module Shikashi
     def initialize
       @privileges = Hash.new
       @chain = Hash.new
-      @redirect_hash = Hash.new
     end
 
 # add a chain of sources, used internally
@@ -86,138 +88,28 @@ module Shikashi
       @chain[inner] = outer
     end
 
+    def base_namespace
+      @base_namespace
+    end
 
-#Base class to define redirections of methods called in the sandbox
-#
-#= Example 1
-#Basic redirection
-#
-# require "rubygems"
-# require "shikashi"
-#
-# class TestWrapper < Shikashi::Sandbox::MethodWrapper
-#   def call(*args)
-#     print "called foo from source: #{source}, arguments: #{args.inspect} \n"
-#     original_call(*args)
-#   end
-# end
-#
-#
-# class X
-#   def foo
-#     print "original foo\n"
-#   end
-# end
-#
-#
-# s = Shikashi::Sandbox.new
-# perm = Shikashi::Privileges.new
-#
-# perm.object(X).allow :new
-# perm.instances_of(X).allow :foo
-#
-# # redirect calls to foo to TestWrapper
-# perm.instances_of(X).redirect :foo, TestWrapper
-#
-# s.run(perm,"X.new.foo")
-#
-#= Example 2
-#Proper block handling on redirection wrapper
-#
-# require "rubygems"
-# require "shikashi"
-#
-# class TestWrapper < Shikashi::Sandbox::MethodWrapper
-#   def call(*args)
-#     print "called #{klass}#each block_given?:#{block_given?}, source: #{source}\n"
-#     if block_given?
-#      original_call(*args) do |*x|
-#        print "yielded value #{x.first}\n"
-#        yield(*x)
-#      end
-#     else
-#      original_call(*args)
-#     end
-#   end
-# end
-#
-# s = Shikashi::Sandbox.new
-# perm = Shikashi::Privileges.new
-#
-# perm.instances_of(Array).allow :each
-# perm.instances_of(Array).redirect :each, TestWrapper
-#
-# perm.instances_of(Enumerable::Enumerator).allow :each
-# perm.instances_of(Enumerable::Enumerator).redirect :each, TestWrapper
-#
-# perm.allow_method :print
-#
-# s.run perm, '
-#  array = [1,2,3]
-#
-#  array.each do |x|
-#    print x,"\n"
-#  end
-#
-#  enum = array.each
-#  enum.each do |x|
-#    print x,"\n"
-#  end
-# '
-    class MethodWrapper
-
-      class MethodRedirect
-        include RedirectHelper::MethodRedirect
-
-        attr_accessor :klass
-        attr_accessor :method_name
-        attr_accessor :recv
-      end
-
-      attr_accessor :recv
-      attr_accessor :method_name
-      attr_accessor :klass
+    class EvalhookHandler < EvalHook::HookHandler
       attr_accessor :sandbox
-      attr_accessor :privileges
-      attr_accessor :source
-
-      def self.redirect_handler(klass,recv,method_name,method_id,sandbox)
-        mw = self.new
-        mw.klass = klass
-        mw.recv = recv
-        mw.method_name = method_name
-        mw.sandbox = sandbox
-
-        if block_given?
-          yield(mw)
-        end
 
-        mr = MethodRedirect.new
+      def handle_xstr( str )
+        source = get_caller
 
-        mr.recv = mw
-        mr.klass = mw.class
-        mr.method_name = :call
-
-        mr
-      end
-
-      def original_call(*args)
-        if block_given?
-          klass.instance_method(method_name).bind(recv).call(*args) do |*x|
-            yield(*x)
+        privileges = sandbox.privileges[source]
+        if privileges
+          unless privileges.xstr_allowed?
+            raise SecurityError, "fobidden shell commands"
           end
-        else
-          klass.instance_method(method_name).bind(recv).call(*args)
         end
-      end
-    end
 
-    class EvalhookHandler < EvalHook::HookHandler
-      attr_accessor :sandbox
-      attr_accessor :redirect
+        `#{str}`
+      end
 
       def handle_gasgn( global_id, value )
-        source = caller[1].split(":").first
+        source = get_caller
 
         privileges = sandbox.privileges[source]
         if privileges
@@ -230,7 +122,7 @@ module Shikashi
       end
 
       def handle_cdecl(klass, const_id, value)
-        source = caller[1].split(":").first
+        source = get_caller
 
         privileges = sandbox.privileges[source]
         if privileges
@@ -240,8 +132,6 @@ module Shikashi
         end
 
         nil
-
-
       end
 
       def handle_method(klass, recv, method_name)
@@ -251,15 +141,17 @@ module Shikashi
 
         if method_name
 
-          source = caller[1].split(":").first
+          source = self.get_caller
           dest_source = klass.instance_method(method_name).body.file
 
           privileges = nil
           if source != dest_source then
             privileges = sandbox.privileges[source]
 
-            if privileges then
-              privileges = privileges.dup
+            unless privileges then
+               raise SecurityError.new("Cannot invoke method #{method_name} on object of class #{klass}")
+            else
+#              privileges = privileges.dup
               loop_source = source
               loop_privileges = privileges
 
@@ -284,23 +176,16 @@ module Shikashi
           return nil if method_name == :instance_eval
           return nil if method_name == :binding
 
-          if method_name
-            wclass = @redirect[method_name.to_sym]
-            if wclass then
-              return wclass.redirect_handler(klass,recv,method_name,method_id,sandbox)
-            end
-          end
+          nil
 
         end
 
-        if privileges
-          privileges.handle_redirection(klass,recv,method_name,sandbox) do |mh|
-            mh.privileges = privileges
-            mh.source = source
-          end
-        end
 
       end # if
+
+      def get_caller
+        caller[2].split(":").first
+      end
     end # Class
 
     #Run the code in sandbox with the given privileges, also run privileged code in the sandbox context for
@@ -369,12 +254,53 @@ module Shikashi
     # end
     #
     #
-
     def run(*args)
+    end
+
+    define_eval_method :run
+    def internal_eval(b_, args)
+
+      newargs = Array.new
+
+      timeout = args.pick(:timeout) do nil end
+      privileges_ = args.pick(Privileges,:privileges) do Privileges.new end
+      code = args.pick(String,:code)
+      binding_ = args.pick(Binding,:binding) do b_ end
+      source = args.pick(:source) do nil end
+      base_namespace = args.pick(:base_namespace) do create_adhoc_base_namespace end
+      @base_namespace = base_namespace
+      no_base_namespace = args.pick(:no_base_namespace) do false end
+
+      run_i(code, privileges_, binding_, :base_namespace => base_namespace, :timeout => timeout, :no_base_namespace => no_base_namespace)
+    end
+
+    def create_hook_handler(*args)
+      hook_handler = EvalhookHandler.new
+      hook_handler.sandbox = self
+      @base_namespace = args.pick(:base_namespace) do create_adhoc_base_namespace end
+      hook_handler.base_namespace = @base_namespace
+
+      source = args.pick(:source) do generate_id end
+      privileges_ = args.pick(Privileges,:privileges) do Privileges.new end
+
+      self.privileges[source] = privileges_
+
+      hook_handler
+    end
+
+
+private
+
+    def create_adhoc_base_namespace
+      rnd_module_name = "SandboxBasenamespace#{rand(100000000)}"
+
+      eval("module Shikashi::Sandbox::#{rnd_module_name}; end")
+      @base_namespace = eval("Shikashi::Sandbox::#{rnd_module_name}")
+      @base_namespace
+    end
+
+    def run_i(*args)
 
-      handler = EvalhookHandler.new
-      handler.redirect = @redirect_hash
-      handler.sandbox = self
 
       t = args.pick(:timeout) do nil end
       raise Shikashi::Timeout::Error if t == 0
@@ -389,10 +315,26 @@ module Shikashi
             code = args.pick(String,:code)
             binding_ = args.pick(Binding,:binding) do Shikashi.global_binding end
             source = args.pick(:source) do generate_id end
+            base_namespace = args.pick(:base_namespace) do create_adhoc_base_namespace end
+            no_base_namespace = args.pick(:no_base_namespace) do false end
+
+            @hook_handler = self.create_hook_handler(
+                    :base_namespace => base_namespace,
+                    :privileges => privileges_,
+                    :source => source
+                    )
+
+            code = "nil;\n " + code
+
+            unless no_base_namespace
+              if (base_namespace.instance_of? Module)
+                code = "module #{base_namespace}\n #{code}\n end\n"
+              else
+                code = "class #{base_namespace}\n #{code}\n end\n"
+              end
+            end
 
-            self.privileges[source] = privileges_
-
-            handler.evalhook(code, binding_, source)
+            @hook_handler.evalhook(code, binding_, source)
           end
         rescue ::Timeout::Error
           raise Shikashi::Timeout::Error
@@ -400,28 +342,9 @@ module Shikashi
       end
     end
 
+  end
 
-    #redirects a method with given name to a wrapper of the given class
-    #example:
-    # class PrintWrapper < Shikashi::Sandbox::MethodWrapper
-    #   def call(*args)
-    #     print "invoked print\n"
-    #     original_call(*args)
-    #   end
-    # end
-    #
-    # sandbox.redirect(:print, PrintWrapper)
-    # sandbox.redirect(:print, :wrapper_class => PrintWrapper)
-    # sandbox.redirect(:method_name => :print, :wrapper_class => PrintWrapper)
-    #
-
-    def redirect(*args)
-      mname = args.pick(Symbol, :method_name)
-      wclass = args.pick(Class, :wrapper_class)
-      @redirect_hash[mname] = wclass
-    end
 
-  end
 end
 
 Shikashi.global_binding = binding()

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: shikashi
 version: !ruby/object:Gem::Version 
-  hash: 23
+  hash: 19
   prerelease: false
   segments: 
   - 0
-  - 2
+  - 3
   - 0
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors: 
 - Dario Seminara
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-10-30 00:00:00 -03:00
+date: 2011-01-16 00:00:00 -03:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -50,6 +50,22 @@ dependencies:
         version: 0.1.0
   type: :runtime
   version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: evalmimic
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 27
+        segments: 
+        - 0
+        - 1
+        - 0
+        version: 0.1.0
+  type: :runtime
+  version_requirements: *id003
 description: 
 email: robertodarioseminara@gmail.com
 executables: []
@@ -63,13 +79,12 @@ files:
 - examples/basic/example3.rb
 - examples/basic/example5.rb
 - examples/basic/example4.rb
+- examples/basic/example8.rb
 - examples/basic/example6.rb
 - examples/basic/example.rb
 - examples/basic/example7.rb
 - examples/basic/example2.rb
 - examples/timeout/example1.rb
-- examples/redir/example1.rb
-- examples/redir/example2.rb
 - lib/shikashi.rb
 - lib/shikashi/pick_argument.rb
 - lib/shikashi/sandbox.rb
@@ -77,7 +92,6 @@ files:
 - lib/shikashi/privileges/singleton_methods.rb
 - lib/shikashi/privileges/classes.rb
 - lib/shikashi/privileges.rb
-- test/functional/test_timeout.rb
 - AUTHORS
 - CHANGELOG
 - README
@@ -116,6 +130,6 @@ rubyforge_project:
 rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
-summary: shikashi is a ruby sandbox that permits the execution of "unprivileged" scripts by defining the permitted methods and constants the scripts can invoke (I.E., the script cannot use the File class or a RoR Model Class unless that permission is specified) "well done version" of ruby-arena-sanbox based on rallhook
+summary: shikashi is a ruby sandbox that permits the execution of "unprivileged" scripts by defining the permitted methods and constants the scripts can invoke with a white list logic
 test_files: []
 

data/examples/redir/example1.rb

@@ -1,26 +0,0 @@
- require "rubygems"
- require "shikashi"
-
- class TestWrapper < Shikashi::Sandbox::MethodWrapper
-   def call(*args)
-     print "called foo from source: #{source}, arguments: #{args.inspect} \n"
-     original_call(*args)
-   end
- end
-
- class X
-   def foo
-     print "original foo\n"
-   end
- end
-
- s = Shikashi::Sandbox.new
- perm = Shikashi::Privileges.new
-
- perm.object(X).allow :new
- perm.instances_of(X).allow :foo
-
- # redirect calls to foo to TestWrapper
- perm.instances_of(X).redirect :foo, TestWrapper
-
- s.run(perm,"X.new.foo")

data/examples/redir/example2.rb

@@ -1,40 +0,0 @@
- require "rubygems"
- require "shikashi"
-
- class TestWrapper < Shikashi::Sandbox::MethodWrapper
-   def call(*args)
-     print "called #{klass}#each block_given?:#{block_given?}, source: #{source}\n"
-     if block_given?
-      original_call(*args) do |*x|
-	print "yielded value #{x.first}\n"
-        yield(*x)
-      end
-     else
-      original_call(*args)
-     end
-   end
- end
-
- s = Shikashi::Sandbox.new
- perm = Shikashi::Privileges.new
- 
- perm.instances_of(Array).allow :each
- perm.instances_of(Array).redirect :each, TestWrapper
- 
- perm.instances_of(Enumerable::Enumerator).allow :each
- perm.instances_of(Enumerable::Enumerator).redirect :each, TestWrapper
- 
- perm.allow_method :print
-
- s.run perm, '
-  array = [1,2,3]
-
-  array.each do |x|
-    print x,"\n"
-  end
-
-  enum = array.each
-  enum.each do |x|
-    print x,"\n"
-  end
- '

data/test/functional/test_timeout.rb

@@ -1,36 +0,0 @@
-require "test/unit"
-require "shikashi"
-
-class TimeoutTest <  Test::Unit::TestCase
-
-  def _test_timeout(execution_delay, timeout)
-    priv = Shikashi::Privileges.new
-    # allow the execution of the method sleep to emulate an execution delay
-    priv.allow_method :sleep
-
-    if execution_delay > timeout
-      assert_raise Shikashi::Timeout::Error do
-        # specify the timeout and the current binding to use the execution_delay parameter
-        Shikashi::Sandbox.new.run("sleep execution_delay", priv, binding, :timeout => timeout)
-      end
-    else
-      assert_nothing_raised do
-        Shikashi::Sandbox.new.run("sleep execution_delay", priv, binding, :timeout => timeout)
-      end
-    end
-  end
-
-  def self.add_test(name, execution_delay, timeout)
-    define_method("test_"+name)  do
-      _test_timeout(execution_delay, timeout)
-    end
-  end
-
-  add_test "basic",2,1
-  add_test "float",0.2,0.1
-  add_test "float_no_hit",0.1,0.2
-  add_test "zero", 1,0
-  add_test "zero_no_hit", 0,1
-
-end
-