I am running a bit of code that looks like this:

# Pass the command as separate arguments so no shell is involved and the
# filename cannot be interpreted as shell metacharacters.
# system returns true on exit status 0, false on a non-zero status, and nil
# if the command could not be started at all.
result = system("ruby", random_ruby_script)
if result
  save_to_disk(random_ruby_script)
else
  # Do Nothing
end

The variable "random_ruby_script" represents any .rb file.

This code is the first of many calls to system() and runs a ruby file that may also contain calls to system(), disk reads/writes, HTTP requests, and so on.

The ruby file must be run to find out what it does, but it might try to read/write/execute something other than itself and I don't want it deleting my HDD or posting lewd tweets.

I want to make a space where this program can run with no permission to write/execute anything in its parent directories, but access to read anything locally and via any network protocol.

I also want to know if it tries to write/execute anything locally or on the net.

There is probably a gem or software that does something similar, but I am very green to sandboxing my code, so pretty much any suggestion will be helpful.

A: 

Use safe level and don't run the script with system

http://ruby-doc.org/docs/ProgrammingRuby/html/taint.html

This was used, for instance, in the old github gem builder (gemspecs being normal executable ruby code).

Ben Hughes
I am testing the file for compilation. Can I do this without calling system and with a safe level?
smothers
yes. requiring or loading a file will cause the code to be loaded in and "compiled" (if you're on MRI, it will actually be interpreted into an abstract syntax tree, as MRI is not a compiler). Alternatively, you could run the code with ruby -c, which will check the syntax (but not the functionality).
Ben Hughes
Thanks Ben that helps a lot.
smothers
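The two checks Ben mentions, written out as an added example (not code from the question or the answer): a `ruby -c` syntax check run without a shell, and an in-process compile via `RubyVM::InstructionSequence.compile_file`, which parses and compiles the file but never executes it. Note that `require`/`load` would run the script's top-level code, which is exactly what the asker wants to avoid, and that the `$SAFE` taint mechanism linked in the answer was deprecated in Ruby 2.7 and removed in Ruby 3.0, so the syntax-only checks below are the portable option. The sample scripts are constructed for the demo; `syntax_ok?`, `compiles_in_process?` and `demo` are names chosen here.

```ruby
require "open3"
require "rbconfig"
require "tempfile"

# Syntax-check a Ruby file with `ruby -c` without executing it.
# The command is passed as an argument array, so no shell is involved and
# the filename cannot be interpreted as shell metacharacters.
def syntax_ok?(path)
  _out, _err, status = Open3.capture3(RbConfig.ruby, "-c", path)
  status.success?
end

# In-process alternative (MRI only): compile the file to an instruction
# sequence. Parsing and compiling happen, but the compiled code is never run,
# so a `system(...)` call inside the script is not executed.
def compiles_in_process?(path)
  RubyVM::InstructionSequence.compile_file(path)
  true
rescue SyntaxError
  false
end

# Constructed sample scripts for the demo (not from the original question).
# The "good" one contains a system call that would fire if it were loaded.
GOOD_SCRIPT = "puts 'hello'\nsystem('echo this would run if loaded')\n"
BAD_SCRIPT  = "def broken(\n"

# Writes each sample to a temp file and returns
# { good: [ruby_c_ok, compile_ok], bad: [ruby_c_ok, compile_ok] }.
def demo
  results = {}
  { good: GOOD_SCRIPT, bad: BAD_SCRIPT }.each do |name, src|
    Tempfile.create([name.to_s, ".rb"]) do |f|
      f.write(src)
      f.flush
      results[name] = [syntax_ok?(f.path), compiles_in_process?(f.path)]
    end
  end
  results
end

if __FILE__ == $PROGRAM_NAME
  p demo  # => {:good=>[true, true], :bad=>[false, false]}
end
```

Both checks answer only "does this file parse?"; neither tells you what the script would do at run time, which is the part that still needs an actual sandbox (a separate unprivileged user, container, or VM with read-only mounts and logging of writes and network activity).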