Is it possible to implement a secure interface exposed to the internet
I want to pass complex structures through an external API and DRB seems
like an obvious choice, but I’m concerned that DRB will allow code to
pass as well as the data, or methods to be called that I didn’t want to
Are my concerns well founded and if so, is there a way to secure the
From my simple tests, any modifications to a standard class are not
passed, and non-standard classes are not passed either.
I tie down the interface class by creating an “EmptyClass” and
subclassing the interface class from that.
(instance_methods - safe_methods).each do |method|
I also carefully check the data in the arguments too. I tried to use
$SAFE, but it got in the way rather than helped.
Could anybody provide advice on securing DRB and the proper use of $SAFE
for argument checking?
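
One way to tie down the front object and check arguments as the post describes, as an added Ruby example that is not the poster's code; it covers only the class lockdown and the argument check and does not start a DRb service. `PlainData`, `SafeFront`, `ping`, `store` and the size limits are assumptions, and `$SAFE` is left out because from Ruby 3.0 it is an ordinary global variable with no safe-level effect.

```ruby
# Added example, not the poster's code. EmptyClass is the post's name;
# PlainData, SafeFront, ping and store are hypothetical.
module PlainData
  MAX_DEPTH = 4
  MAX_ITEMS = 100
  MAX_BYTES = 1024

  # `when` uses Module#===, which classifies a value without calling any
  # method on it, so unexpected objects are rejected before being invoked.
  def self.check!(value, depth = 0)
    raise ArgumentError, 'nesting too deep' if depth > MAX_DEPTH
    case value
    when nil, true, false, Integer, Float # scalars pass unchanged
    when String
      raise ArgumentError, 'string too long' if value.bytesize > MAX_BYTES
    when Array, Hash
      raise ArgumentError, 'too many items' if value.size > MAX_ITEMS
      items = Hash === value ? value.flatten(1) : value
      items.each { |item| check!(item, depth + 1) }
    else
      raise ArgumentError, 'argument type not allowed'
    end
    value
  end
end

# Built on BasicObject so Object/Kernel methods are never inherited; the
# post's loop then removes instance_eval and instance_exec as well.
class EmptyClass < BasicObject
  CORE = %i[__send__ __id__ ! == != equal?].freeze
  (instance_methods - CORE).each { |name| undef_method(name) }
end

class SafeFront < EmptyClass
  def initialize
    @records = {}
  end

  def ping
    :pong
  end

  def store(name, record)
    ::PlainData.check!([name, record])
    ::Kernel.raise ::ArgumentError, 'name must be a String' unless ::String === name
    @records[name] = record
    @records.size
  end
end
```

An instance of `SafeFront` is what would be handed to `DRb.start_service` as the front object; because it descends from `BasicObject`, constants and `raise` inside it need the `::` prefix.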