Re: sandbox 0.0.11 -- taking the i out of eval

-----Original Message-----
From: why the lucky stiff [mailto:[email protected]]
Sent: Wednesday, July 19, 2006 10:22 AM
To: ruby-talk ML
Subject: [ANN] sandbox 0.0.11 – taking the i out of eval

This module swaps in a new symbol table, so you can basically
manage multiple interpreters at once. There are so many
possibilities for using this. For emulating selector
namespaces, for jailing code.

s = Sandbox.new
s.eval(“module Hidden; end”)
=> nil

Hidden
NameError: uninitialized constant Hidden

Very cool. By any chance have you ever looked at Perl’s Safe.pm? I’m
just curious if you have any comments as far as comparing and/or
contrasting it with your Sandbox code, or if there are any API features
from Safe.pm that you think would be worth borrowing.

Regards,

Dan

This communication is the property of Qwest and may contain confidential
or
privileged information. Unauthorized use of this communication is
strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and
destroy
all copies of the communication and any attachments.

On Thu, Jul 20, 2006 at 01:35:52AM +0900, Berger, Daniel wrote:

Very cool. By any chance have you ever looked at Perl’s Safe.pm? I’m
just curious if you have any comments as far as comparing and/or
contrasting it with your Sandbox code, or if there are any API features
from Safe.pm that you think would be worth borrowing.

I’m not saavy enough with Perl’s opcodes and its scope rules to say. It
looks
like the Sandbox is addressable by the outside environment (as
*{$obj->root()."::$var"}) which isn’t yet possible with my extension.
Overall,
though, it’s surprisingly similar. Also see IO’s Core.Sandbox[1] and
TCL’s interp[2] from which I took cues.

Thankyou for bringing this module up, though, I will definitely mine it
for
ideas featurewise. Equivalents for share and rdo sub are definitely
planned.

Loading from a file rdo is a great example of how luscious this
extension can be.
The master scope could load code from a Socket:
http://balloon.hobix.com/serve.rb but the Sandbox could have wrappers
for
Sockets and Files which would prompt the user for permission.

_why

[1]
http://www.iolanguage.com/docs/reference/browser.cgi?path=Core+Sandbox
[2] http://www.astro.princeton.edu/~rhl/Tcl-Tk_docs/tcl/interp.n.html

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs