shikashi 0.4.0 → 0.5.0

data/CHANGELOG

@@ -1,3 +1,9 @@
+0.5.0	Refactored sandbox to keep base namespace on each run  (see base_namespace example on README)
+
+		Code packet feature (see documentation)
+
+		Fixed spec to make it compatible with Ruby 1.9
+
 0.4.0	Removed evalmimic dependency
 
 		Implemented sugar syntax for Sandbox and Privileges methods (see documentation)

data/README

@@ -167,9 +167,6 @@ define a class from inside the sandbox and use it from outside
 
 	include Shikashi
 
-	module SandboxModule
-	end
-
 	class X
 		def foo
 			print "X#foo\n"
@@ -177,23 +174,23 @@ define a class from inside the sandbox and use it from outside
 	end
 
 	s = Sandbox.new
-	priv = Privileges.new
-	priv.allow_method :print
 
 	s.run( "
-	  class ::X
+	  class X
 		def foo
 			print \"foo defined inside the sandbox\\n\"
 		end
 	  end
-	  ", priv, :base_namespace => SandboxModule)
+	  ", Privileges.allow_method(:print))
 	  
 
 	x = X.new # X class is not affected by the sandbox (The X Class defined in the sandbox is SandboxModule::X)
 	x.foo
 
-	x = SandboxModule::X.new
+	x = s.base_namespace::X.new
 	x.foo
+	
+	s.run("X.new.foo", Privileges.allow_method(:new).allow_method(:foo))
 
 
 

data/Rakefile

@@ -6,13 +6,13 @@ require 'rake/gempackagetask'
 
 spec = Gem::Specification.new do |s|
   s.name = 'shikashi'
-  s.version = '0.4.0'
+  s.version = '0.5.0'
   s.author = 'Dario Seminara'
   s.email = 'robertodarioseminara@gmail.com'
   s.platform = Gem::Platform::RUBY
   s.summary = 'shikashi is a ruby sandbox that permits the execution of "unprivileged" scripts by defining the permitted methods and constants the scripts can invoke with a white list logic'
   s.homepage = "http://github.com/tario/shikashi"
-  s.add_dependency "evalhook", ">= 0.4.0"
+  s.add_dependency "evalhook", ">= 0.5.0"
   s.add_dependency "getsource", ">= 0.1.0"
   s.has_rdoc = true
   s.extra_rdoc_files = [ 'README' ]

data/examples/benchmark/bm1.rb

@@ -0,0 +1,29 @@
+require "rubygems"
+require "shikashi"
+require "benchmark"
+
+code = "class X
+		def foo(n)
+		end
+	end
+	X.new.foo(1000)
+	"
+
+s = Shikashi::Sandbox.new
+
+Benchmark.bm(7) do |x|
+	
+x.report("normal") {
+	1000.times do
+	s.run(code, Shikashi::Privileges.allow_method(:new))
+	end
+}
+
+x.report("packet") {
+	packet = s.packet(code, Shikashi::Privileges.allow_method(:new))
+	1000.times do
+	packet.run
+	end
+}
+
+end

data/examples/benchmark/bm2.rb

@@ -0,0 +1,25 @@
+require "rubygems"
+require "shikashi"
+require "benchmark"
+
+s = Shikashi::Sandbox.new
+
+class NilClass
+	def foo
+	end
+end
+
+Benchmark.bm(7) do |x|
+
+x.report {
+
+	code = "
+		500000.times {
+		nil.foo
+		}
+		"
+		
+	s.run code, Shikashi::Privileges.allow_method(:times).allow_method(:foo)
+}
+
+end

data/lib/shikashi/sandbox.rb

@@ -87,6 +87,10 @@ module Shikashi
     def initialize
       @privileges = Hash.new
       @chain = Hash.new
+      @hook_handler = EvalhookHandler.new
+      @hook_handler.sandbox = self
+      @base_namespace = create_adhoc_base_namespace
+      @hook_handler.base_namespace = @base_namespace
     end
 
 # add a chain of sources, used internally
@@ -98,6 +102,38 @@ module Shikashi
       @base_namespace
     end
 
+    class Packet
+      def initialize(evalhook_packet, default_privileges, source) #:nodoc:
+        @evalhook_packet = evalhook_packet
+        @default_privileges = default_privileges
+        @source = source
+      end
+
+      #Run the code in the package
+      #
+      #call-seq: run(arguments)
+      #
+      #Arguments
+      #
+      # :binding    Optional argument with the binding object of the context where the code is to be executed
+      #             The default is a binding in the global context
+      # :timeout    Optional argument to restrict the execution time of the script to a given value in seconds
+      def run(*args)
+        t = args.pick(:timeout) do nil end
+        binding_ = args.pick(Binding,:binding) do
+          nil
+        end
+
+        begin
+          timeout t do
+            @evalhook_packet.run(binding_, @source, 0)
+          end
+        rescue ::Timeout::Error
+          raise Shikashi::Timeout::Error
+        end
+      end
+    end
+
     class EvalhookHandler < EvalHook::HookHandler
       attr_accessor :sandbox
 
@@ -143,7 +179,8 @@ module Shikashi
         source = get_caller
         privileges = sandbox.privileges[source]
         if privileges
-          unless sandbox.base_namespace.constants.include? name
+          constants = sandbox.base_namespace.constants
+          unless constants.include? name or constants.include? name.to_sym
             unless privileges.const_read_allowed? name.to_s
               raise SecurityError, "cannot access constant #{name}"
             end
@@ -226,13 +263,10 @@ module Shikashi
       end
     end # Class
 
-    #Run the code in sandbox with the given privileges, also run privileged code in the sandbox context for
-    #execution of classes and methods defined in the sandbox from outside the sandbox if a block is passed
+    #Run the code in sandbox with the given privileges
     # (see examples)
     #
-    #call-seq: run(arguments)
-    #
-    #Arguments
+    # Arguments
     #
     # :code       Mandatory argument of class String with the code to execute restricted in the sandbox
     # :privileges Optional argument of class Shikashi::Sandbox::Privileges to indicate the restrictions of the
@@ -244,6 +278,9 @@ module Shikashi
     #             be specified as hash parameter
     # :timeout    Optional argument to restrict the execution time of the script to a given value in seconds
     #             (accepts integer and decimal values), when timeout hits Shikashi::Timeout::Error is raised
+    # :base_namespace   Alternate module to contain all classes and constants defined by the unprivileged code
+    #                   if not specified, by default, the base_namespace is created with the sandbox itself
+    # :no_base_namespace  Specify to do not use a base_namespace (default false, not recommended to change)
     #
     #
     #The arguments can be passed in any order and using hash notation or not, examples:
@@ -286,29 +323,77 @@ module Shikashi
     #   end
     #    ', :privileges => privileges)
     #
-    # #outside of this block, the method foo defined in the sandbox are invisible
-    # sandbox.run do
-    #   self.foo
-    # end
-    #
     #
     def run(*args)
-      newargs = Array.new
+      run_i(*args)
+    end
 
-      timeout = args.pick(:timeout) do nil end
-      privileges_ = args.pick(Privileges,:privileges) do Privileges.new end
+    #Creates a packet of code with the given privileges to execute later as many times as neccessary
+    #
+    # (see examples)
+    #
+    # Arguments
+    #
+    # :code             Mandatory argument of class String with the code to execute restricted in the sandbox
+    # :privileges       Optional argument of class Shikashi::Sandbox::Privileges to indicate the restrictions of the
+    #                   code executed in the sandbox. The default is an empty Privileges (absolutly no permission)
+    #                   Must be of class Privileges or passed as hash_key (:privileges => privileges)
+    # :source           Optional argument to indicate the "source name", (visible in the backtraces). Only can
+    #                   be specified as hash parameter
+    # :base_namespace   Alternate module to contain all classes and constants defined by the unprivileged code
+    #                   if not specified, by default, the base_namespace is created with the sandbox itself
+    # :no_base_namespace  Specify to do not use a base_namespace (default false, not recommended to change)
+    #
+    # NOTE: arguments are the same as for Sandbox#run method, except for timeout and binding which can be
+    # used when calling Shikashi::Sandbox::Packet#run
+    #
+    #Example:
+    #
+    # require "rubygems"
+    # require "shikashi"
+    #
+    # include Shikashi
+    #
+    # sandbox = Sandbox.new
+    #
+    # privileges = Privileges.allow_method(:print)
+    #
+    # # this is equivallent to sandbox.run('print "hello world\n"')
+    # packet = sandbox.packet('print "hello world\n"', privileges)
+    # packet.run
+    #
+    def packet(*args)
       code = args.pick(String,:code)
+      base_namespace = args.pick(:base_namespace) do nil end
+      no_base_namespace = args.pick(:no_base_namespace) do @no_base_namespace end
+      privileges_ = args.pick(Privileges,:privileges) do Privileges.new end
 
-      source = args.pick(:source) do nil end
-      base_namespace = args.pick(:base_namespace) do create_adhoc_base_namespace end
+      hook_handler = nil
 
-      binding_ = args.pick(Binding,:binding) do
-        nil
+      if base_namespace
+        hook_handler = EvalhookHandler.new
+        hook_handler.base_namespace = base_namespace
+        hook_handler.sandbox = self
+      else
+        hook_handler = @hook_handler
+        base_namespace = hook_handler.base_namespace
+      end
+      source = args.pick(:source) do generate_id end
+
+      self.privileges[source] = privileges_
+
+      code = "nil;\n " + code
+
+      unless no_base_namespace
+        if (eval(base_namespace.to_s).instance_of? Module)
+          code = "module #{base_namespace}\n #{code}\n end\n"
+        else
+          code = "class #{base_namespace}\n #{code}\n end\n"
+        end
       end
-      @base_namespace = base_namespace
-      no_base_namespace = args.pick(:no_base_namespace) do false end
 
-      run_i(code, privileges_, binding_, :base_namespace => base_namespace, :timeout => timeout, :no_base_namespace => no_base_namespace)
+      evalhook_packet = @hook_handler.packet(code)
+      Shikashi::Sandbox::Packet.new(evalhook_packet, privileges_, source)
     end
 
     def create_hook_handler(*args)
@@ -338,7 +423,6 @@ private
 
     def run_i(*args)
 
-
       t = args.pick(:timeout) do nil end
       raise Shikashi::Timeout::Error if t == 0
       t = t || 0
@@ -352,26 +436,32 @@ private
             code = args.pick(String,:code)
             binding_ = args.pick(Binding,:binding) do Shikashi.global_binding end
             source = args.pick(:source) do generate_id end
-            base_namespace = args.pick(:base_namespace) do create_adhoc_base_namespace end
-            no_base_namespace = args.pick(:no_base_namespace) do false end
+            base_namespace = args.pick(:base_namespace) do nil end
+            no_base_namespace = args.pick(:no_base_namespace) do @no_base_namespace end
 
-            @hook_handler = self.create_hook_handler(
-                    :base_namespace => base_namespace,
-                    :privileges => privileges_,
-                    :source => source
-                    )
+            hook_handler = nil
+
+            if base_namespace
+              hook_handler = EvalhookHandler.new
+              hook_handler.base_namespace = base_namespace
+              hook_handler.sandbox = self
+            else
+              hook_handler = @hook_handler
+              base_namespace = hook_handler.base_namespace
+            end
 
+            self.privileges[source] = privileges_
             code = "nil;\n " + code
 
             unless no_base_namespace
-              if (base_namespace.instance_of? Module)
+              if (eval(base_namespace.to_s).instance_of? Module)
                 code = "module #{base_namespace}\n #{code}\n end\n"
               else
                 code = "class #{base_namespace}\n #{code}\n end\n"
               end
             end
 
-            @hook_handler.evalhook(code, binding_, source)
+            hook_handler.evalhook(code, binding_, source)
           end
         rescue ::Timeout::Error
           raise Shikashi::Timeout::Error

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: shikashi
 version: !ruby/object:Gem::Version 
-  hash: 15
+  hash: 11
   prerelease: false
   segments: 
   - 0
-  - 4
+  - 5
   - 0
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors: 
 - Dario Seminara
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-28 00:00:00 -03:00
+date: 2011-06-20 00:00:00 -03:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -26,12 +26,12 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        hash: 15
+        hash: 11
         segments: 
         - 0
-        - 4
+        - 5
         - 0
-        version: 0.4.0
+        version: 0.5.0
   type: :runtime
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
@@ -59,6 +59,8 @@ extensions: []
 extra_rdoc_files: 
 - README
 files: 
+- examples/benchmark/bm1.rb
+- examples/benchmark/bm2.rb
 - examples/basic/example1.rb
 - examples/basic/example3.rb
 - examples/basic/example5.rb