sandboxed icon indicating copy to clipboard operation
sandboxed copied to clipboard
verified publisher icon QaDeS

Restrict environment

Open der-flo opened this issue 14 years ago • 2 comments

It is quite easy to break out of the sandbox, because the context doesn't restrict things like constants etc. . With e.g. https://github.com/tario/shikashi you can restrict them, but it isn't ruby-1.9-compatible yet. Can you make suggestions how you would solve this problem in combination with "sandboxed"?

Thanks, der Flo

der-flo avatar May 25 '11 07:05 der-flo

Currently, Sandboxed is merely a wrapper for Ruby's $SAFE mechanism. The current HEAD is prepared to use other mechanisms, and I even started to implement source inspection. Alas, my current project doesn't allow to finish it right now.

If you have urgent requests that can be fixed in little time, I'll be glad to help, though. Just bring on the details / test cases ;o)

QaDeS avatar May 26 '11 03:05 QaDeS

Well ok, I fixed this issue by moving all the sandboxed code out to another ruby process. I'll watch this project and this issue for progress. Thanks for your answer.

der-flo avatar May 26 '11 09:05 der-flo