Standard i/o fields blocked.

flatland · Oct 31, 2011 · f9309dc · f9309dc
1 parent 3d6d07c
commit f9309dc
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/src/clojail/testers.clj b/src/clojail/testers.clj
@@ -13,7 +13,7 @@
     '*read-eval* clojure.lang.Ref clojure.lang.Reflector 'ns-publics
     'ns-unmap 'set! 'ns-map 'ns-interns 'the-ns clojure.lang.Namespace
     'push-thread-bindings 'pop-thread-bindings 'future-call 'agent 'send
-    'send-off 'pmap 'pcalls 'pvals 'in-ns
+    'send-off 'pmap 'pcalls 'pvals 'in-ns 'System/out 'System/in 'System/err
     (p "java.lang.reflect")
     (p "java.util.concurrent")
     (p "java.awt")})

diff --git a/test/clojail/core_test.clj b/test/clojail/core_test.clj
@@ -86,5 +86,6 @@
     (is (= "foo\n" (sb '(slurp "test/test.txt"))))))
 
 (deftest block-fields-test
-  (let [sb (sandbox (into secure-tester #{'System/out}))]
-    (is (thrown-with-msg? SecurityException #"is bad!" (sb '(. System/out println "foo"))))))
+  (let [sb (sandbox secure-tester)]
+    (doseq [field '[System/out System/in System/in]]
+      (is (thrown-with-msg? SecurityException #"is bad!" (sb `(. ~field println "foo")))))))