Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Secure execution of Code
Ruby
branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
bin
lib
test
AUTHORS
LICENSE
README.md
Rakefile
VERSION

README.md

Requires

Ruby MRI or Ruby 1.9.

Will not work with Rubinius! It does not support $SAFE.

I do not know JRuby.

Install

gem install Safebox

Usage

First load the safebox:

require 'safebox'

The most things in your Safebox are possible:

value = Safebox.eval "1+2**9"  # => 513
value = Safebox.eval {|| 1+2**8 }  # => 257

You can use a String or a Proc, also as argument:

value = Safebox.eval lambda {|| 1+2**7 }

More complex code with classes and everything else...

value = Safebox.eval do
    class Mail
        attr_accessor :subject, :body, :to, :from
        def generate
            [ "To: #{@to}", "From: #{@from}",
                "Subject: #{@subject}", '', @body ].join "\n"
        end
    end
    mail = Mail.new
    mail.from, mail.to, mail.subject = "me", "root", "Plz install Ruby :)"
    mail.subject = "..."
    mail.generate
end

Only some good things are not possible:

Safebox.eval "$stdout.puts 'I am OK!'"  # not possible :(

But, very bad code will not damage your system.

Safebox.eval "class Unsecure;def self.code() system 'rm *' ; end end; Unsecure.code"  # will fail :)

This will raise a SecurityError.

What is with raised exceptions, like SecurityError or others?

Safebox.eval "raise Exception"

This will print the Exception to Console.

You want to get the Exception?

ret = Safebox.run "raise Exception"
ret # => [:exception, #<Exception>]

What is Safebox.run?

ret = Safebox.run "1+2**9"
ret # => [:value, 513]

It returns the value or the raised exception. -- Nothing else.

You should know, Ruby is not stupid. I am very surprised, because this is not possible:

aA = Safebox.eval do
    class A
        def to_s
            'Owned!'
        end
    end
    A.new
end
aA.to_s  # => SecurityError: calling insecure method: to_s

A#to_s is defined in our Safebox, so every call outside can be a security hole.

But you can use #to_s in an other Safebox, withour any risk:

Safebox.eval aA.method( :to_s)  # => "Owned!"  # Not really :)

Behind Safebox

It uses only a Thread, $SAFE=4 and some code for automatism.

The real magic is Ruby itself.

Something went wrong with that request. Please try again.