shikashi 0.3.1 → 0.4.0

data/CHANGELOG

@@ -1,3 +1,11 @@
+0.4.0	Removed evalmimic dependency
+
+		Implemented sugar syntax for Sandbox and Privileges methods (see documentation)
+
+		Added control over READ access to constants
+
+		Added control over READ access to global variables
+
 0.3.1	Fixed package info
 
 0.3.0	Added enclosure by base_namespace parameter (see examples)
@@ -5,6 +13,8 @@
 		shikashi HookHandler opened to allow use it in nested hook handlers
 
 		Added restriction to avoid the system calls when using %x[] and ``
+		
+0.2.0	shikashi HookHandler opened to allow use it in nested hook handlers
 
 0.2.0	Added control over the access to constants and global variables (See documentation)
 

data/Rakefile

@@ -6,15 +6,14 @@ require 'rake/gempackagetask'
 
 spec = Gem::Specification.new do |s|
   s.name = 'shikashi'
-  s.version = '0.3.1'
+  s.version = '0.4.0'
   s.author = 'Dario Seminara'
   s.email = 'robertodarioseminara@gmail.com'
   s.platform = Gem::Platform::RUBY
   s.summary = 'shikashi is a ruby sandbox that permits the execution of "unprivileged" scripts by defining the permitted methods and constants the scripts can invoke with a white list logic'
   s.homepage = "http://github.com/tario/shikashi"
-  s.add_dependency "evalhook", ">= 0.2.0"
+  s.add_dependency "evalhook", ">= 0.4.0"
   s.add_dependency "getsource", ">= 0.1.0"
-  s.add_dependency "evalmimic", ">= 0.1.0"
   s.has_rdoc = true
   s.extra_rdoc_files = [ 'README' ]
 #  s.rdoc_options << '--main' << 'README'

data/examples/basic/example3.rb

@@ -6,10 +6,6 @@ require "shikashi"
 include Shikashi
 
 s = Sandbox.new
-priv = Privileges.new
-
-# allow execution of print
-priv.allow_method :print
 
 class X
 	def foo
@@ -25,12 +21,14 @@ class X
 		system("echo privileged operation > " + out)
 	end
 end
-# allow method new of class X
-priv.object(X).allow :new
 
-# allow instance methods of X. Note that the method privileged_operations is not allowed
-priv.instances_of(X).allow :foo, :bar
 
+priv = Privileges.
+		allow_method(:print). # allow execution of print
+		object(X).allow(:new). # allow method new of class X
+		instances_of(X).allow(:foo, :bar). # allow instance methods of X. Note that the method privileged_operations is not allowed
+		allow_const_read("X","SecurityError") # allow the access of X constant
+		
 #inside the sandbox, only can use method foo on main and method times on instances of Fixnum
 s.run(priv, '
 x = X.new

data/examples/basic/example6.rb

@@ -5,15 +5,12 @@ require "shikashi"
 
 include Shikashi
 
-s = Sandbox.new
-priv = Privileges.new
-
-priv.allow_method :print
-priv.allow_global :$a
-
-s.run(priv, '
+priv = Privileges.allow_method(:print).allow_global_write(:$a)
+Sandbox.run(priv,
+'
 $a = 9
 print "assigned 9 to $a\n"
-')
+'
+)
 
 p $a

data/examples/basic/example7.rb

@@ -3,13 +3,11 @@ require "shikashi"
 
 include Shikashi
 
-s = Sandbox.new
-priv = Privileges.new
+priv = Privileges.
+	allow_method(:print).
+	allow_const_write("Object::A")
 
-priv.allow_method :print
-priv.allow_const "Object::A"
-
-s.run(priv, '
+Sandbox.run(priv, '
 print "assigned 8 to Object::A\n"
 A = 8
 ')

data/examples/basic/example8.rb

@@ -12,17 +12,13 @@ class X
 	end
 end
 
-s = Sandbox.new
-priv = Privileges.new
-priv.allow_method :print
-
-s.run( "
+Sandbox.new.run( "
   class ::X
 	def foo
 		print \"foo defined inside the sandbox\\n\"
 	end
   end
-  ", priv, :base_namespace => SandboxModule)
+  ", Privileges.allow_method(:print), :base_namespace => SandboxModule)
   
 
 x = X.new # X class is not affected by the sandbox (The X Class defined in the sandbox is SandboxModule::X)

data/lib/shikashi/privileges.rb

@@ -40,7 +40,8 @@ public
 
   # Used in Privileges to store information about specified method permissions
   class AllowedMethods
-    def initialize
+    def initialize(privileges = nil)
+      @privileges = privileges
       @allowed_methods = Array.new
       @redirect_hash = Hash.new
       @all = false
@@ -78,11 +79,15 @@ public
       method_names.each do |mn|
       @allowed_methods << mn
       end
+
+      @privileges
     end
 
     #Specifies that any method is allowed
     def allow_all
       @all = true
+
+      @privileges
     end
 
   end
@@ -94,15 +99,17 @@ public
     @allowed_instances = Hash.new
     @allowed_methods = Array.new
     @allowed_klass_methods = Hash.new
-    @allowed_globals = Array.new
-    @allowed_consts = Array.new
+    @allowed_read_globals = Array.new
+    @allowed_read_consts = Array.new
+    @allowed_write_globals = Array.new
+    @allowed_write_consts = Array.new
   end
 
 private
   def hash_entry(hash, key)
     tmp = hash[key]
     unless tmp
-      tmp = AllowedMethods.new
+      tmp = AllowedMethods.new(self)
       hash[key] = tmp
     end
     tmp
@@ -168,7 +175,8 @@ public
 #
 
   def allow_method(method_name)
-    @allowed_methods << method_name
+    @allowed_methods << method_name.to_sym
+    self
   end
 
   def allow?(klass, recv, method_name, method_id)
@@ -254,15 +262,23 @@ public
     @xstr_allowed
   end
 
-  def global_allowed?(varname)
-    @allowed_globals.include? varname
+  def global_read_allowed?(varname)
+    @allowed_read_globals.include? varname
+  end
+
+  def global_write_allowed?(varname)
+    @allowed_write_globals.include? varname
   end
 
-  def const_allowed?(varname)
-    @allowed_consts.include? varname
+  def const_read_allowed?(varname)
+    @allowed_read_consts.include? varname
   end
 
-  # defines the permissions needed to execute system calls from the script
+  def const_write_allowed?(varname)
+    @allowed_write_consts.include? varname
+  end
+
+  # Enables the permissions needed to execute system calls from the script
   #
   # Example:
   #
@@ -274,11 +290,19 @@ public
   #   s.run(priv, '
   #     %x[ls -l]
   #   ')
+  #
+  #
+  # Example 2:
+  #
+  #   Sandbox.run('%x[ls -l]', Privileges.allow_xstr)
+  #
   def allow_xstr
     @xstr_allowed = true
+
+    self
   end
 
-  # defines the permissions needed to create or change a global variable
+  # Enables the permissions needed to read one or more global variables
   #
   # Example:
   #
@@ -286,7 +310,38 @@ public
   #   priv = Privileges.new
   #
   #   priv.allow_method :print
-  #   priv.allow_global :$a
+  #   priv.allow_global_read :$a
+  #
+  #   $a = 9
+  #
+  #   s.run(priv, '
+  #   print "$a value:", $a, "s\n"
+  #   ')
+  #
+  # Example 2
+  #
+  #   Sandbox.run('
+  #   print "$a value:", $a, "s\n"
+  #   print "$b value:", $b, "s\n"
+  #   ', Privileges.allow_global_read(:$a,:$b) )
+  #
+  def allow_global_read( *varnames )
+    varnames.each do |varname|
+      @allowed_read_globals << varname.to_sym
+    end
+
+    self
+  end
+
+  # Enables the permissions needed to create or change one or more global variables
+  #
+  # Example:
+  #
+  #   s = Sandbox.new
+  #   priv = Privileges.new
+  #
+  #   priv.allow_method :print
+  #   priv.allow_global_write :$a
   #
   #   s.run(priv, '
   #   $a = 9
@@ -295,18 +350,23 @@ public
   #
   #   p $a
   #
-  def allow_global( varname )
-    @allowed_globals << varname
+  def allow_global_write( *varnames )
+    varnames.each do |varname|
+      @allowed_write_globals << varname.to_sym
+    end
+
+    self
   end
 
-  # defines the permissions needed to create or change a const
+
+  # Enables the permissions needed to create or change one or more constants
   #
   # Example:
   #   s = Sandbox.new
   #   priv = Privileges.new
   #
   #   priv.allow_method :print
-  #   priv.allow_const "Object::A"
+  #   priv.allow_const_write "Object::A"
   #
   #   s.run(priv, '
   #   print "assigned 8 to Object::A\n"
@@ -315,10 +375,43 @@ public
   #
   #   p A
 
-  def allow_const( varname )
-    @allowed_consts << varname
+  def allow_const_write( *varnames )
+    varnames.each do |varname|
+      @allowed_write_consts << varname.to_s
+    end
+    self
+  end
+
+  # Enables the permissions needed to read one or more constants
+  #
+  # Example:
+  #   s = Sandbox.new
+  #   priv = Privileges.new
+  #
+  #   priv.allow_method :print
+  #   priv.allow_const_read "Object::A"
+  #
+  #   A = 8
+  #   s.run(priv, '
+  #   print "assigned Object::A:", A,"\n"
+  #   ')
+  #
+  def allow_const_read( *varnames )
+    varnames.each do |varname|
+      @allowed_read_consts << varname.to_s
+    end
+
+    self
   end
 
+
+  class << self
+    (Shikashi::Privileges.instance_methods - Object.instance_methods).each do |mname|
+      define_method(mname) do |*args|
+        Shikashi::Privileges.new.send(mname, *args)
+      end
+    end
+  end
 end
 
 end

data/lib/shikashi/sandbox.rb

@@ -24,7 +24,6 @@ require "shikashi/privileges"
 require "shikashi/pick_argument"
 require "getsource"
 require "timeout"
-require "evalmimic"
 
 module Shikashi
 
@@ -71,6 +70,13 @@ module Shikashi
     attr_reader :hook_handler
 
 #
+#   Same as Sandbox.new.run
+#
+
+    def self.run(*args)
+      Sandbox.new.run(Shikashi.global_binding, *args)
+    end
+#
 # Generate a random source file name for the sandbox, used internally
 #
 
@@ -113,7 +119,7 @@ module Shikashi
 
         privileges = sandbox.privileges[source]
         if privileges
-          unless privileges.global_allowed? global_id
+          unless privileges.global_write_allowed? global_id
             raise SecurityError.new("Cannot assign global variable #{global_id}")
           end
         end
@@ -121,13 +127,45 @@ module Shikashi
         nil
       end
 
+      def handle_gvar(global_id)
+        source = get_caller
+        privileges = sandbox.privileges[source]
+        if privileges
+          unless privileges.global_read_allowed? global_id
+            raise SecurityError, "cannot access global variable #{global_id}"
+          end
+        end
+
+        nil
+      end
+
+      def handle_const(name)
+        source = get_caller
+        privileges = sandbox.privileges[source]
+        if privileges
+          unless sandbox.base_namespace.constants.include? name
+            unless privileges.const_read_allowed? name.to_s
+              raise SecurityError, "cannot access constant #{name}"
+            end
+          end
+        end
+
+        const_value(sandbox.base_namespace.const_get(name))
+      end
+
       def handle_cdecl(klass, const_id, value)
         source = get_caller
 
         privileges = sandbox.privileges[source]
         if privileges
-          unless privileges.const_allowed? "#{klass}::#{const_id}"
-            raise SecurityError.new("Cannot assign const #{klass}::#{const_id}")
+          unless privileges.const_write_allowed? "#{klass}::#{const_id}"
+            if (klass == Object)
+              unless privileges.const_write_allowed? const_id.to_s
+                raise SecurityError.new("Cannot assign const #{const_id}")
+              end
+            else
+              raise SecurityError.new("Cannot assign const #{klass}::#{const_id}")
+            end
           end
         end
 
@@ -255,19 +293,18 @@ module Shikashi
     #
     #
     def run(*args)
-    end
-
-    define_eval_method :run
-    def internal_eval(b_, args)
-
       newargs = Array.new
 
       timeout = args.pick(:timeout) do nil end
       privileges_ = args.pick(Privileges,:privileges) do Privileges.new end
       code = args.pick(String,:code)
-      binding_ = args.pick(Binding,:binding) do b_ end
+
       source = args.pick(:source) do nil end
       base_namespace = args.pick(:base_namespace) do create_adhoc_base_namespace end
+
+      binding_ = args.pick(Binding,:binding) do
+        nil
+      end
       @base_namespace = base_namespace
       no_base_namespace = args.pick(:no_base_namespace) do false end
 

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: shikashi
 version: !ruby/object:Gem::Version 
-  hash: 17
+  hash: 15
   prerelease: false
   segments: 
   - 0
-  - 3
-  - 1
-  version: 0.3.1
+  - 4
+  - 0
+  version: 0.4.0
 platform: ruby
 authors: 
 - Dario Seminara
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-01-22 00:00:00 -03:00
+date: 2011-04-28 00:00:00 -03:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -26,12 +26,12 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        hash: 23
+        hash: 15
         segments: 
         - 0
-        - 2
+        - 4
         - 0
-        version: 0.2.0
+        version: 0.4.0
   type: :runtime
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
@@ -50,22 +50,6 @@ dependencies:
         version: 0.1.0
   type: :runtime
   version_requirements: *id002
-- !ruby/object:Gem::Dependency 
-  name: evalmimic
-  prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 27
-        segments: 
-        - 0
-        - 1
-        - 0
-        version: 0.1.0
-  type: :runtime
-  version_requirements: *id003
 description: 
 email: robertodarioseminara@gmail.com
 executables: []