Permalink
Commits on Feb 15, 2015
Commits on Jan 24, 2009
  1. Update expectations to match actual YAML hash ordering

    Signed-off-by: PJ Hyett <pjhyett@gmail.com>
    Brian Mitchell committed with pjhyett Dec 3, 2008
  2. Add tests for parser security

    Signed-off-by: PJ Hyett <pjhyett@gmail.com>
    Brian Mitchell committed with pjhyett Dec 3, 2008
  3. Lock down gem_eval from parser based code reordering hacks

    Signed-off-by: PJ Hyett <pjhyett@gmail.com>
    Brian Mitchell committed with pjhyett Dec 3, 2008
  4. freeze String class

    Signed-off-by: PJ Hyett <pjhyett@gmail.com>
    account-settings committed with pjhyett Nov 5, 2008
Commits on Nov 3, 2008
  1. fix test startup

    account-settings committed Nov 3, 2008
  2. made base glob dir more specific

    sped up gem_eval_test
    account-settings committed Nov 3, 2008
Commits on Nov 1, 2008
  1. moved all system commands outside of fork so security enhancements do…

    …nt interfere
    
    refactored code and tests
    account-settings committed Nov 1, 2008
Commits on Oct 31, 2008
  1. remove debug comments

    account-settings committed Oct 31, 2008
  2. patched array glob vulnerability

    Dir.glob now supported through lazy globbing
    Dir.glob now sandboxed away from parent directories
    account-settings committed Oct 31, 2008
  3. removed debug comments

    account-settings committed Oct 31, 2008
  4. protect against dangerous methods, even w untained data

    protect against all infinite loops, even endless ensure loop
    protect against access to the original string methods through modification of Method classes
    account-settings committed Oct 31, 2008
Commits on Oct 28, 2008
  1. added taint fix

    do processing inside of forked process to ensure no changes to ruby env persist
    account-settings committed Oct 28, 2008
Commits on Oct 24, 2008
  1. Initial commit of gem builder

    pjhyett committed Oct 24, 2008