Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tag: v1_9_1_rc1
Fetching contributors…

Cannot retrieve contributors at this time

file 129 lines (109 sloc) 2.513 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129
/**********************************************************************

eval.c -

$Author$
created at: Tue Sep 23 09:44:32 JST 2008

Copyright (C) 2008 Yukihiro Matsumoto

**********************************************************************/

/* safe-level:
0 - strings from streams/environment/ARGV are tainted (default)
1 - no dangerous operation by tainted value
2 - process/file operations prohibited
3 - all generated objects are tainted
4 - no global (non-tainted) variable modification/no direct output
*/

#define SAFE_LEVEL_MAX 4

#include "ruby/ruby.h"
#include "vm_core.h"

/* $SAFE accessor */

int
rb_safe_level(void)
{
    return GET_THREAD()->safe_level;
}

void
rb_set_safe_level_force(int safe)
{
    GET_THREAD()->safe_level = safe;
}

void
rb_set_safe_level(int level)
{
    rb_thread_t *th = GET_THREAD();

    if (level > th->safe_level) {
if (level > SAFE_LEVEL_MAX) {
level = SAFE_LEVEL_MAX;
}
th->safe_level = level;
    }
}

static VALUE
safe_getter(void)
{
    return INT2NUM(rb_safe_level());
}

static void
safe_setter(VALUE val)
{
    int level = NUM2INT(val);
    rb_thread_t *th = GET_THREAD();

    if (level < th->safe_level) {
rb_raise(rb_eSecurityError,
"tried to downgrade safe level from %d to %d",
th->safe_level, level);
    }
    if (level == 3) {
rb_warning("$SAFE=3 does no sandboxing; you might want to use $SAFE=4");
    }
    if (level > SAFE_LEVEL_MAX) {
level = SAFE_LEVEL_MAX;
    }
    th->safe_level = level;
}

void
rb_secure(int level)
{
    if (level <= rb_safe_level()) {
if (rb_frame_callee()) {
rb_raise(rb_eSecurityError, "Insecure operation `%s' at level %d",
rb_id2name(rb_frame_callee()), rb_safe_level());
}
else {
rb_raise(rb_eSecurityError, "Insecure operation at level %d",
rb_safe_level());
}
    }
}

void
rb_secure_update(VALUE obj)
{
    if (!OBJ_TAINTED(obj))
rb_secure(4);
}

void
rb_check_safe_obj(VALUE x)
{
    if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
if (rb_frame_callee()) {
rb_raise(rb_eSecurityError, "Insecure operation - %s",
rb_id2name(rb_frame_callee()));
}
else {
rb_raise(rb_eSecurityError, "Insecure operation: -r");
}
    }
    rb_secure(4);
}

void
rb_check_safe_str(VALUE x)
{
    rb_check_safe_obj(x);
    if (TYPE(x) != T_STRING) {
rb_raise(rb_eTypeError, "wrong argument type %s (expected String)",
rb_obj_classname(x));
    }
}

void
Init_safe(void)
{
    rb_define_virtual_variable("$SAFE", safe_getter, safe_setter);
}
Something went wrong with that request. Please try again.