The Artima Developer Community
Articles | News | Weblogs | Books | Forums
Artima Forums | Articles | Weblogs | Java Answers | News
Sponsored Link

Ruby Buzz Forum
The Thrilling Freaky-Freaky Sandbox Hack!!

0 replies on 1 page.

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 0 replies on 1 page
Red Handed

Posts: 1158
Nickname: redhanded
Registered: Dec, 2004

Red Handed is a Ruby-focused group blog.
The Thrilling Freaky-Freaky Sandbox Hack!! Posted: Jul 19, 2006 9:39 AM
Reply to this message Reply

This post originated from an RSS feed registered with Ruby Buzz by Red Handed.
Original Post: The Thrilling Freaky-Freaky Sandbox Hack!!
Feed Title: RedHanded
Feed URL: http://redhanded.hobix.com/index.xml
Feed Description: sneaking Ruby through the system 		Latest Ruby Buzz Posts
Latest Ruby Buzz Posts by Red Handed
Latest Posts From RedHanded

Advertisement

Holy cats, I’m proud to offer you this sensational hack today. For me, this is monumental, as it culminates a number of sundry microhacks from the past few years and gets us a step closer to realizing Try Ruby out in the broader kingdoms. This is the sort of thing that will make you want to post spangly angel GIFs in the comments.

Okay, requires a compiler. Then: gem install sandbox --source code.whytheluckystiff.net

Now, to create a sandboxed Ruby interp.

 >> require 'rubygems'
 >> require 'sandbox'
 >> s = Sandbox.new
 => #<Sandbox:0x84dea60>
 >> s.eval("2 + 6")
 => 8
 >> s.eval("'Jimmy'.reverse")
 => "ymmiJ" 
 >> s.eval('"Jimmy".length')
 => 5

Okay, so you can do all the Try Ruby examples. And what about danger?

 >> s.eval("Kernel.fork")
 (eval):1:in `method_missing': uninitialized constant NoMethodError::message (NameError)

Oh, check that out. Not only is Kernel.fork not defined, but NoMethodError isn’t defined either!

And yet, both are defined in the main interpreter outside the sandbox:

 >> Kernel.method(:fork)
 => #<Method: Kernel.fork>
 >> NoMethodError
 => NoMethodError

There are some security holes still being worked out on Ruby-Core, I need a few variables exposed. But, it’s looking really good. Many thanks to MenTaLguY who helped conceive this idea here in the comments.

So what are the implications? Oh, come on!

  • Load multiple Rails apps, Camping apps, Nitro apps into the same interpreter without polluting each other’s namespaces.
  • Allow Ruby code from users of your application without danger of affecting the app itself. (Scriptable wikis, markaby templates, ohhhh so many uses.)
  • Load several different versions of libraries at once (for testing and compatibility issues.)
  • Reloading an app within itself. (Fathom.)
  • Snapshoting an environment for reuse at a later stage. (The sandkit struct stores the whole environment.)

Eval has just become the least evil. alias docile eval!

Read: The Thrilling Freaky-Freaky Sandbox Hack!!

Topic: Rails Engines Reference Guide Previous Topic   Next Topic Topic: Rails: Not a DSL
Sponsored Links


Google
  Web Artima.com   

Copyright © 1996-2019 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use