Forum: Ruby "Living Dangerous" stage 2, summarizing ideas

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- and Ruby-related community platforms.
Gregory B. (Guest)
on 2006-01-09 01:12
(Received via mailing list)
Okay, the thread on "Why Living Dangerous can be A Good Thing" is
going quite well.
I'd like to start drafting up notes for my article, so I've put them
on a wiki page.

http://tinyurl.com/alaxa

Feel free to add sections, tweak definitions, etc etc and add your own
content.
However, please be mindful of the fact that this is intended to be a
summary of the community consensus, so please do ask here on RubyTalk
if you have doubts that your opinion would be at least generally in
line with that of the community before adding it to the notes on the
wiki.

Please do reference any websites you are getting your materials from,
if you do so.

keep in mind, the key issues are:

1. Defining what the open nature of ruby is.
2. Addressing the concerns of those who find ruby 'dangerous'
3. Showing the benefits of ruby's openness and dynamicity.
4. Exposing the potential issues that arise from this, and how to avoid
them

As usual, I am overwhelmed by the RubyTalk effect, so please keep
those contributions coming!
James B. (Guest)
on 2006-01-09 01:24
(Received via mailing list)
Gregory B. wrote:
> if you have doubts that your opinion would be at least generally in
> line with that of the community before adding it to the notes on the
> wiki.

If this is a Ruby community thing, would it make more sense to collect
this info on the RubyGarden wiki?

James

--

http://www.ruby-doc.org       - Ruby Help & Documentation
http://www.artima.com/rubycs/ - Ruby Code & Style: Writers wanted
http://www.rubystuff.com      - The Ruby Store for Ruby Stuff
http://www.jamesbritt.com     - Playing with Better Toys
http://www.30secondrule.com   - Building Better Tools
Chad P. (Guest)
on 2006-01-09 01:48
(Received via mailing list)
On Mon, Jan 09, 2006 at 08:10:04AM +0900, Gregory B. wrote:
> Okay, the thread on "Why Living Dangerous can be A Good Thing" is
> going quite well.
> I'd like to start drafting up notes for my article, so I've put them
> on a wiki page.
>
> http://tinyurl.com/alaxa

Is the "living dangerous" (as opposed to "living dangerously")
intentional for some reason I'm missing?

--
Chad P. [ CCD CopyWrite | http://ccd.apotheon.org ]

"Real ugliness is not harsh-looking syntax, but having to
build programs out of the wrong concepts." - Paul Graham
Gregory B. (Guest)
on 2006-01-09 02:07
(Received via mailing list)
On 1/8/06, James B. <removed_email_address@domain.invalid> wrote:
> > summary of the community consensus, so please do ask here on RubyTalk
> > if you have doubts that your opinion would be at least generally in
> > line with that of the community before adding it to the notes on the
> > wiki.
>
> If this is a Ruby community thing, would it make more sense to collect
> this info on the RubyGarden wiki?

good point!  We can move it over there, sure.

new link:
http://rubygarden.org/ruby?TheOpenNatureOfRuby
James B. (Guest)
on 2006-01-09 02:19
(Received via mailing list)
Chad P. wrote:
> Is the "living dangerous" (as opposed to "living dangerously")
> intentional for some reason I'm missing?

I think of it as a play on "Think dangerous."

James

"Do you know your last name is an adverb?"
      from the film "Johnny Dangerously"

--

http://www.ruby-doc.org       - Ruby Help & Documentation
http://www.artima.com/rubycs/ - Ruby Code & Style: Writers wanted
http://www.rubystuff.com      - The Ruby Store for Ruby Stuff
http://www.jamesbritt.com     - Playing with Better Toys
http://www.30secondrule.com   - Building Better Tools
Lyndon S. (Guest)
on 2006-01-09 03:04
(Received via mailing list)
On 1/9/06, Gregory B. <removed_email_address@domain.invalid> wrote:
> However, please be mindful of the fact that this is intended to be a
> 1. Defining what the open nature of ruby is.
To me Ruby seems a little schizophrenic. It has the concept of classes as
object templates, but they are almost like prototypes, mutable after
creation. So a cross between C++/Java Class style and Javascript/IO
prototype OO. There is no concept of Interfaces, so no limiting the
coupling 'surface area' of caller/callee interaction. It's a nice mix because you
don't 'have' to make use of mutable Objects/Classes, but they are like
programmer candy if you need them. I'm hoping Ruby 2/Rite goes even further,
allowing fully 'custom' OO.


> 2. Addressing the concerns of those who find ruby 'dangerous'
> 3. Showing the benefits of ruby's openness and dynamicity.
> 4. Exposing the potential issues that arise from this, and how to avoid
> them
>
> As usual, I am overwhelmed by the RubyTalk effect, so please keep
> those contributions coming!
Gregory B. (Guest)
on 2006-01-09 04:55
(Received via mailing list)
On 1/8/06, James B. <removed_email_address@domain.invalid> wrote:
> >
> > Is the "living dangerous" (as opposed to "living dangerously")
> > intentional for some reason I'm missing?
>
> I think of it as a play on "Think dangerous."

It is something of that matter, yes :O)
Gene T. (Guest)
on 2006-01-09 11:25
(Received via mailing list)
James B. wrote:
> Chad P. wrote:
> > On Mon, Jan 09, 2006 at 08:10:04AM +0900, Gregory B. wrote:
> >
> >
> > Is the "living dangerous" (as opposed to "living dangerously")
> > intentional for some reason I'm missing?
>
> I think of it as a play on "Think dangerous."
>

who 1st used the D-word, Matz, maybe?

http://www.rubyist.net/~matz/slides/rc2005/mgp00031.html

and theOpenNatureOfRuby wiki page is blank, what are entries supposed
to look like?
Gregory B. (Guest)
on 2006-01-09 12:07
(Received via mailing list)
On 1/9/06, Gene T. <removed_email_address@domain.invalid> wrote:

> and theOpenNatureOfRuby wiki page is blank, what are entries supposed
> to look like?

um... no it's not. Are you looking at the tarpit?
zimbatm (Guest)
on 2006-01-09 12:19
(Received via mailing list)
Hi,

I wanted to change the wiki but I'm not sure what I think is right
really is.

It seems to me that you forgot two cases where ruby's open nature is an
inconvenience. Due to ruby's open-class and lack of constraints, it seems
to me that you can't trust ruby code right away. You can't execute
external code in your application in a specific boundary. You can't
trust it to be "evil" without reviewing it.

I have two examples in mind.

First example. Imagine you're building a big web application where
users can submit their templates (eg. blog or wiki hosting) and you're
using embedded ruby in html. How can you trust that the user won't send
an "evil" template without reviewing it? (disregarding javascript XSS
exploits)

Second example. You're implementing a remote execution mechanism with
agents. Like Java's JINI, you want clients to send pieces of code that
will be executed in the server's environment and then give the result
back. It's a bit like the client would send blocks to the server. How
do you avoid the client sending "evil" code that would redefine how the
server would work?

I'm curious how these issues can be solved. I think _why used
obfuscation for http://tryruby.hobix.com/  but it's not applicable for
open-source projects. There is also the SAFE variable that limits ruby's
capabilities. But I think it's only applicable to the whole code, so
it's not a solution. Finally, you can taint classes to make them
immutable but then you lose ruby's dynamicness.

Cheers,
   zimba.tm
J. Ryan S. (Guest)
on 2006-01-09 17:15
(Received via mailing list)
On Jan 9, 2006, at 5:18 AM, zimbatm wrote:

> First example. Imagine you're building a big web application where
> users can submit their templates (eg. blog or wiki hosting) and you're
> using embedded ruby in html. How can you trust that the user won't send
> an "evil" template without reviewing it? (disregarding javascript XSS
> exploits)

> Second example. You're implementing a remote execution mechanism with
> agents. Like Java's JINI, you want clients to send pieces of code that
> will be executed in the server's environment and then give the result
> back. It's a bit like the client would send blocks to the server. How
> do you avoid the client sending "evil" code that would redefine how the
> server would work?

These problems are one and the same: never, ever, ever trust user
data. (completed web forms, templates, client-side code, etc.)
Would you really not examine the template if it were embedded PHP or
something similar?  Is it not possible for client-side code to do
"bad things" in JINI?  I argue that this is not the fault of the
language, but problems inherent to the world the application lives in.

~ ryan ~
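A concrete form of ryan's point, as an added example (not code from the thread or from any of its posters): ERB evaluates whatever Ruby a template contains, so a user-submitted ERB template is code execution inside the host process, and the same mitigation covers both of zimbatm's cases: never evaluate untrusted input, only let it select from an allowlist you control. The `render_restricted` function, the `{{key}}` placeholder syntax, the allowlist parameter and the sample template are assumptions of this example, not anything the thread proposes.

```ruby
require 'erb'
require 'cgi'

# Constructed sample: a template as an untrusted user might submit it.
# ERB treats <%= %> as arbitrary Ruby, so the host has no say in what
# runs; a harmless arithmetic expression is enough to show the point.
USER_ERB_TEMPLATE = "Hello <%= name %>, 2+2 is <%= 2 + 2 %>"

# The dangerous path: the template is executed as Ruby.
def render_with_erb(template, name:)
  ERB.new(template).result_with_hash(name: name)
end

# Hypothetical placeholder syntax for the restricted renderer: {{key}}.
PLACEHOLDER = /\{\{\s*([a-z_]+)\s*\}\}/

# The safe path (assumed design, not from the thread): the template is
# never evaluated. Only {{key}} placeholders whose key is on the
# allowlist are replaced, with the value HTML-escaped; ERB tags and
# unknown placeholders are passed through as literal text.
def render_restricted(template, vars, allowed: vars.keys)
  template.gsub(PLACEHOLDER) do
    key = Regexp.last_match(1).to_sym
    if allowed.include?(key) && vars.key?(key)
      CGI.escapeHTML(vars[key].to_s)
    else
      # Leave the placeholder visible rather than resolving it to
      # something the template author was not allowed to reach.
      Regexp.last_match(0)
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  puts render_with_erb(USER_ERB_TEMPLATE, name: "Ann")
  puts render_restricted(USER_ERB_TEMPLATE, { name: "Ann" })
  puts render_restricted("Hi {{name}}, {{secret}}",
                         { name: "<b>Ann</b>", secret: "s3" },
                         allowed: [:name])
end
```

The restricted renderer is what "never trust user data" looks like in practice for the template case: the user chooses among values you expose, not what code runs. The remote-agent case is the same shape, with an allowlisted set of named operations in place of the placeholder names.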
unknown (Guest)
on 2006-01-09 17:36
(Received via mailing list)
On Jan 9, 2006, at 5:18 AM, zimbatm wrote:
> It seems to me that you forgot two cases where ruby's open nature is an
> inconvenience. Due to ruby's open-class and lack of constraints, it seems
> to me that you can't trust ruby code right away. You can't execute
> external code in your application in a specific boundary. You can't
> trust it to be "evil" without reviewing it.

Is this a 'Ruby' issue?  Isn't this true of any library/class/etc. that
you might use in any language?

Gary W.