OK that makes sense. Does it apply to tainting objects too?
Pete
From: [email protected]
[mailto:[email protected]] On Behalf Of Tomas M.
Sent: Sunday,06 April 06, 2008 17:25
To: [email protected]
Subject: Re: [Ironruby-core] Safe Level checking
We don’t care about safe level now, so you can just ignore it. I doubt
it is
necessary to implement this feature at all. IronRuby doesn’t contain any
unsafe code. Hence CLR checks are always present regardless of what we
check, so your code cannot do anything that is disallowed by CLR
security
system. We can only disable Ruby calls to some methods. And that would
be a
real security restriction only in a mode that would disable all .NET
calls,
because otherwise you could always call your C# code that performs the
call.
Tomas
From: [email protected]
[mailto:[email protected]] On Behalf Of Peter Bacon
Darwin
Sent: Sunday, April 06, 2008 6:47 AM
To: [email protected]
Subject: [Ironruby-core] Safe Level checking
The Sockets library does a lot of Security checking, i.e. Is the
SafeLevel
too high for this action. It may be helpful to be able to specify this
kind
of thing as an attribute on the method.
Something like:
[RubyMethod("getsockopt")]
[RubySafeLevel(2)]
public static MutableString GetSocketOption(CodeContext/*!*/
context, RubyBasicSocket/!/ self, object/Numeric/ level,
object/Numeric/ optname) {
Rather than:
[RubyMethod("getsockopt")]
public static MutableString GetSocketOption(CodeContext/*!*/
context, RubyBasicSocket/!/ self, object/Numeric/ level,
object/Numeric/ optname) {
Protocols.CheckSafeLevel(context, 2, "getsockopt");
...
}
Or maybe even more cleverly integrate it into the .NET security
permissions
attributes.
What do you think?
Pete