Dia 1.1 released!

Hey

For anyone on OSX who has a few minutes to spare you might “Dia” a fun
project to play around with.

It can run a Ruby block or an OSX Application under a sandbox with five
different profiles that affect the restrictions of the sandbox.

Here is a quick example:

require ‘rubygems’
require ‘dia’
require ‘open-uri’

Dia::SandBox.new(Dia::Profiles::NO_INTERNET).run_with_block do
open(URI.parse(‘http://www.google.com’)).read # Exception raised.
end

If anyone is curious, it use’s the features exposed in the C header file
“sandbox.h” on OSX to create a sandbox …

I released 1.1 today .

http://gemcutter.org/gems/dia
http://github.com/robgleeson/dia

Cheers,
Rob

On Feb 16, 7:24 am, Robert G. [email protected] wrote:

require ‘rubygems’
I released 1.1 today .

RubyGems.org | your community gem host

Looks interesting. I’m curious about the name, though. When I think of
“Dia” I first think of this:

http://projects.gnome.org/dia/

Regards,

Dan

Dan –

Thanks for the reply … I think this project has been mentioned to me
before but I took the name “Dia” from the Gaelic language. It translates
to “God”.

Thanks,
Rob

I’m just leaving an update:

Dia 1.3 was released a few days ago, and introduces some convenience
methods like Dia::Sandbox#terminate and Dia::Sandbox#alive? . Also
included in this release are API changes that add some
consistency(whether you are running a block or an application in a
sandbox, both are supplied to the constructer and initiated with
Dia::Sandbox#run)

Documentation: http://www.flowof.info/dia

Rob ,
http://blog.flowof.info

Josh –

Thanks for the interest!
Dia works on the operating system level by using features exposed by the
Mac OSX header “sandbox.h” … The most restrictive profile you can use
is Dia::Profiles::NO_OS_SERVICES, and this disallows all operating
system services.

If you were to setup a sandbox like you were talking about, I’d suggest
this profile.

You won’t be able to:

  • Read from the filesystem
  • Write to the filesystem
  • Access the internet
  • Do any kind of socket based communication
  • fork()

… And the restrictions go on, I’ve probably missed a few.

I’ll leave you with an example to give you some ideas:

sandbox = Dia::Sandbox(Dia::Profiles::NO_OS_SERVICES) do
open(URI.parse(‘http://www.google.com’)).read
end

Child process is spawned.

Ruby block is executed.

An attempt to access the internet encountered, and a subclass of

SystemCallError(Errno::EPERM) raised.
sandbox.run

If you have any question, please ask.

Thanks,
Rob

Typo fix:

sandbox = Dia::Sandbox.new(Dia::Profiles::NO_OS_SERVICES) do
open(URI.parse(‘http://www.google.com’)).read
end

Another mistake I made, this is the exception that actually gets raised
with the following code:

“could not lookup DNS configuration info service: Permission denied
/System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/net/http.rb:560:in
`initialize’: getaddrinfo: nodename nor servname provided, or not known
(hope:flowof.info robertgleeson$ SocketError)”

you will need to require ‘open-uri’ and ‘net/http’ before you call
Dia::Sandbox#run because require() will also fail under this sandbox.

Thanks for the feedback, Robert. I won’t be able to play with it for a
bit
because of work, school, and a business project I’m engaged in, but this
idea has been flirting with me for over a year, and I’ve been on the
lookout
for a tool like this to make it possible :slight_smile: I’ll definitely sit down and
play with it (aka see if it can stop my subversity, lol)

I’m really excited about this, thank you for making it available :slight_smile:

(lol, I have 6 minutes before I have to leave for school, and I’m
looking at
the clock debating whether I can install and try some of the examples
from
the github page within that time)

Josh –

Let me know how it goes :slight_smile: If you need any help you can get back to me
here, or on IRC (irc.freenode.net / “robgleeson”)

Since a child process is spawned by DIa::Sandbox#run, and you want to
capture a return value from your block i’d suggest using IO.pipe if you
haven’t thought of that already.

Thanks,
Rob

On Tue, Feb 23, 2010 at 5:19 AM, Robert G. [email protected] wrote:

Rob ,
http://blog.flowof.info

Posted via http://www.ruby-forum.com/.

Hi, Robert, I’ve been wanting to do a Rails project for my ACM group at
school that includes functionality similar to codepad.org and
javabat.com,
where code is submitted by the user and executed on the server. Of
course,
there are huge security risks with this, that I don’t currently have the
knowledge to address. Would Dia be able to handle situations like this
(at
least for Ruby)?

In particular, I want to take user submitted code and

  1. execute it, evaluate the output
  2. run some predesigned set of unit tests / specs against it, and report
    the
    success/failures

I feel like this could be a very effective learning tool, but like I
said,
security has been a big hurdle.

-Josh

Josh C. wrote:

On Wed, Feb 24, 2010 at 12:02 AM, Robert G. [email protected]
wrote:

Rob

Posted via http://www.ruby-forum.com/.

Hi, Robert. I seem to be having difficulty. I tried to hello world, but
I’m
getting a NullPointerError

http://img341.imageshack.us/img341/3522/picture12nc.png

I’m using RVM, and tried it with 1.8.6 and 7, and 1.9.1
I’m on OS X 10.5.6

When I run it in TextMate, it gives this backtrace
FFI::NullPointerError: invalid memory read at address=0x0
method get_string in pointer.rb at line 57
method read_string in pointer.rb at line 57
method run in sandbox.rb at line 58
method fork in sandbox.rb at line 56
method run in sandbox.rb at line 56
at top level in test1.rb at line 7

Hmm, I haven’t seen that before but I think I know what it is. I think a
call to sandbox_init() fails, and then we call #read_string on a NULL
pointer. It may be the hard-coded value passed as the second argument to
sandbox_init() causing this. It should be SANDBOX_NAMED.

I’ll work on a patch in the next hour or so(only waking up here), and
get back to you.

Sorry for the inconvenience.

Rob

On Wed, Feb 24, 2010 at 12:02 AM, Robert G. [email protected]
wrote:

Rob

Posted via http://www.ruby-forum.com/.

Hi, Robert. I seem to be having difficulty. I tried to hello world, but
I’m
getting a NullPointerError

http://img341.imageshack.us/img341/3522/picture12nc.png

I’m using RVM, and tried it with 1.8.6 and 7, and 1.9.1
I’m on OS X 10.5.6

When I run it in TextMate, it gives this backtrace
FFI::NullPointerError: invalid memory read at address=0x0
method get_string in pointer.rb at line 57
method read_string in pointer.rb at line 57
method run in sandbox.rb at line 58
method fork in sandbox.rb at line 56
method run in sandbox.rb at line 56
at top level in test1.rb at line 7

Here is the code:
require ‘rubygems’
require ‘dia’

sandbox = Dia::Sandbox.new(Dia::Profiles::NO_OS_SERVICES) do
puts ‘hello world’
end
sandbox.run

Josh –

I’m not 100% sure if this bug has been fixed or not, but I’ve made a few
changes.
I released Dia 1.4.pre for you to be able to get it easily, so all you
need to do is:

gem install dia --pre

If this doesn’t fix your issue maybe you can come on IRC(if you have the
time) so we can hack on the problem there.

Thanks,
Rob

On Thu, Feb 25, 2010 at 12:19 AM, Robert G. [email protected]
wrote:

time) so we can hack on the problem there.

Thanks,
Rob


Posted via http://www.ruby-forum.com/.

Thanks, Robert. I still get the same error, though. Tomorrow (Thurs),
I’ll
be at work between classes. I’ll try it out on my work computer and see
how
it goes, and should be able to get on IRC as well.

-Josh

Josh –

I managed to get a hold of somebody on IRC running 10.5, and it seems
sandbox_init() fails but it doesn’t write an error message. In other
words, we don’t know why the sandbox failed. It “Just did”. If you can
come onto IRC i’d appreciate it so we can try and find a solution.

irc.freenode.net , with nickname “robgleeson”

Thanks,
Rob

Just a quick update:
The bug reported by Josh Creek on 10.5 has been fixed in Dia 1.4.pre.2.
If anyone encounters any problems please get in touch…

Many thanks Josh :slight_smile:

Wanted to say thanks to Robert, who sat down with me and helped resolve
the
issue, everyone can try it out on irc channel flowof.info, type
rb_eval_str: puts ‘hello world’

And the robot will execute your Ruby in the sandbox, and return the
results.
Really cool stuff!