The goal is a new implementation to replace Safe/Taint, since Safe and Taint do not work and provide a false sense of security. There are two options: a sandbox-type environment or a permission-based protocol. The sandbox has been around since Java 1.0 and was found to be good only at a macro level. For finer-grained control, the Permission class and AccessControl class were introduced in Java 1.2.
Ruby/JRuby Security
Having a permission-based security implementation would be ideal.
- It must be something that can be implemented in MRI/KRI, possibly using the same API/mechanisms used right now.
- It must not introduce overhead back into the system like taint/safe does now.
- Security should be based on addition of rights instead of the removal of them.
- Fine-grained control should be allowed for distributed programming, for example DRb.
- Keep the current implementation of Safe and Taint.
- A sandbox based on the same principles as the Java Sandbox.
Here is a sandbox base for MRI: http://code.whytheluckystiff.net/sandbox.
- Use a permission-based architecture such as that of Java 1.2 and later.
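
The additive model from the requirements above, sketched as an added Ruby example (not code from this wiki, MRI or JRuby): an empty permission set denies everything, and access exists only where a right was granted. `Permission`, `PermissionSet`, `AccessDenied` and the sample policy are hypothetical names; POSIX-style paths are assumed.

```ruby
class AccessDenied < StandardError; end

# A right: kind (:file, :drb), target (exact or "dir/*") and allowed actions.
class Permission
  attr_reader :kind, :target, :actions

  def initialize(kind, target, *actions)
    @kind = kind
    # Normalise file paths so "../" cannot escape a granted directory.
    @target = kind == :file ? File.expand_path(target) : target
    @actions = actions
  end

  # True when this granted permission covers the requested one.
  def implies?(req)
    return false unless kind == req.kind && req.actions.any?
    return false unless (req.actions - actions).empty?
    return req.target.start_with?(target.chomp("*")) if target.end_with?("/*")
    target == req.target
  end
end

class PermissionSet
  def initialize
    @granted = [] # empty by default: nothing is allowed until granted
  end

  def grant(kind, target, *actions)
    @granted << Permission.new(kind, target, *actions)
    self
  end

  def allowed?(kind, target, *actions)
    req = Permission.new(kind, target, *actions)
    @granted.any? { |g| g.implies?(req) }
  end

  def check!(kind, target, *actions)
    return true if allowed?(kind, target, *actions)
    raise AccessDenied, "#{kind} #{actions.join(',')} denied on #{target}"
  end
end

# Constructed sample policy for a DRb worker (names are hypothetical).
WORKER = PermissionSet.new
  .grant(:file, "/srv/data/*", :read)
  .grant(:drb, "Account#balance", :call)
```

A DRb front object would call `check!` before dispatching each remote method, so a client can reach `Account#balance` but not `Account#withdraw` unless that right is added.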