i have a text field in a database table (a text file, generally
speaking), with arbitrary Ruby code. i would like to execute this code
in my application’s current environment. but i need to hide all my
variables except for some specific ones from this code.
so i was thinking to create a class with a static method that accepts
parameters and put the content of the file in to this method. and pass
the variables i want to expose as parameters.
how is this done in ruby? i have never done it.
in addition, how to execute this code with maximal security level?
also, what would happen if the code reopened classes that i have
created? is this possible? how to make it not do that?
basically i want the user to type some code in to my application and
run it but i want to protect against malicious users who want to erase
my hard disk, etc.
thanks for any help!