This post originated from an RSS feed registered with Ruby Buzz
by Red Handed.
Original Post: Sandbox Has a New Patch
Feed Title: RedHanded
Feed URL: http://redhanded.hobix.com/index.xml
Feed Description: sneaking Ruby through the system
What was a two-line patch has now become rather significant. Lots of development in the last few revolutions of the sun, mostly in regard to two massively outstanding issues: threading and security. (Instructions updated.)
What & How Many?
MenTaLguY’s Thread#kill! method, which circumvents ensure inside the thread.
My thread save/restore hooks, which let the sandbox walk in lockstep with your app’s threading.
Also, exposing of ruby_top_cref and top_cref to let require work. (Already in Ruby CVS.)
Okay & To What End?
The Thread#kill! patch means we can now timeout threads:
    val = Sandbox.safe(:timeout => 10).eval %{
      loop {}
    }
You can now accept endless loops and other DoS techniques into your safe sandbox and they’ll go away in due course. You’ll see a Sandbox::TimeoutError come back instead.
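Why the timeout needed a kill that skips ensure, as an added Ruby example that is not from the original post or the sandbox source: a watchdog built on plain Thread#kill does not bound run time, because the killed thread still unwinds through its ensure clauses. The helper names (kill_after, plain_loop, stalling_ensure) are hypothetical and the loop bodies are constructed stand-ins for sandboxed code.

```ruby
# Added example: plain Thread#kill versus code that has an ensure clause.
# It runs on stock Ruby and does not use the sandbox or Thread#kill!.

# Run the given block in a thread, kill it after `limit` seconds with plain
# Thread#kill, and return whether it is still alive `grace` seconds later.
def kill_after(limit, grace)
  release = Queue.new              # lets the demo end a stalled ensure
  worker  = Thread.new { yield release }
  sleep limit
  worker.kill                      # plain kill: ensure clauses still run
  sleep grace
  alive = worker.alive?            # true => the deadline did not hold
  release << :go                   # unblock the worker so the demo can exit
  worker.join
  alive
end

# Constructed stand-in for the post's `loop {}`: no ensure clause, so the
# plain kill ends it promptly. (sleep keeps the demo from spinning a core.)
def plain_loop
  kill_after(0.1, 0.2) { |_release| loop { sleep 0.01 } }
end

# The same loop wrapped in an ensure clause that blocks. Any slow or
# blocking cleanup has this effect: the thread outlives the kill.
def stalling_ensure
  kill_after(0.1, 0.2) do |release|
    begin
      loop { sleep 0.01 }
    ensure
      release.pop                  # parks here until the demo releases it
    end
  end
end

if __FILE__ == $0
  puts "plain loop alive after kill:      #{plain_loop}"
  puts "stalling ensure alive after kill: #{stalling_ensure}"
end
```

The second case is the one a timeout enforced with ordinary Thread#kill cannot handle, which is the gap the Thread#kill! patch described above closes.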
And the threading stuff means you can load libraries which use threads into separate sandboxes. Or manage sandboxes inside of threads. Whatever. With some encouragement on #camping last night, I got two Mongrels working in separate sandboxes!