[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

$SAFE doesn't work as specified?

Bertram Scharpf

1/31/2005 7:34:00 PM

Hi,

the Chapter "Locking Ruby in the Safe" says this should
work:

fn = 'dummy.rb'
File.open fn, 'w' do |f|
f.puts 'puts "hello"'
end
Thread.start {
$SAFE = 4
load fn, true
}.join

I get an error:

in `load': Insecure operation `load' at level 4 (SecurityError)

Why?

Thanks in advance.

Bertram

--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-...
4 Answers

Assaph Mehr

1/31/2005 9:49:00 PM

0


> the Chapter "Locking Ruby in the Safe" says this should
> work:
>
> fn = 'dummy.rb'
> File.open fn, 'w' do |f|
> f.puts 'puts "hello"'
> end
> Thread.start {
> $SAFE = 4
> load fn, true
> }.join
>
> I get an error:
>
> in `load': Insecure operation `load' at level 4 (SecurityError)
>
> Why?

This is the expected behaviour: inside the thread you create you set
the $SAFE level to 4, meaning that from here on within the thread you
can't access variables from outside the thread scope. What you can do
is either hardcode the file name in the #load or pass an argument to
the thread:

| Thread.start(File.expand_path(fn)) { |fn|
| $SAFE = 4
| load fn, true
| }.join

The expand_path is because you cannot load a relative path when in
$SAFE >= 2.
Notice that your 'dummy.rb' file contains a call to Kernel#puts, which
is also not allowed. Try it with:

| File.open fn, 'w' do |f|
| f.puts 'raise "hello"'
| end

HTH,
Assaph

Bertram Scharpf

2/1/2005 9:14:00 PM

0

Hi Assaph,

Am Dienstag, 01. Feb 2005, 06:50:45 +0900 schrieb Assaph Mehr:
> > the Chapter "Locking Ruby in the Safe" says this should
> > work:
>
> This is the expected behaviour: inside the thread you create you set
> the $SAFE level to 4, meaning that from here on within the thread you
> can't access variables from outside the thread scope. What you can do
> is either hardcode the file name in the #load or pass an argument to
> the thread:
>
> | Thread.start(File.expand_path(fn)) { |fn|
> | $SAFE = 4
> | load fn, true
> | }.join
>
> The expand_path is because you cannot load a relative path when in
> $SAFE >= 2.

Thank you very much for your detailed answer. I'm afraid to
say the program still doesn't work:

$ cat safe.rb
fn = 'dummy.rb'
File.open fn, 'w' do |f|
f.puts 'raise "hello"'
end
Thread.start( File.expand_path( fn)) do |fn|
$SAFE = 4
load fn, true
end.join

$ ruby safe.rb
safe.rb:7:in `load': Insecure operation - load
(SecurityError)
from safe.rb:5:in `join'
from safe.rb:5
$

All I wanted to do is run the thread in its own environment.
I will use fork.

Bertram

--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-...

Assaph Mehr

2/1/2005 9:34:00 PM

0

> Thank you very much for your detailed answer. I'm afraid to
> say the program still doesn't work:
>
> $ cat safe.rb
> fn = 'dummy.rb'
> File.open fn, 'w' do |f|
> f.puts 'raise "hello"'
> end
> Thread.start( File.expand_path( fn)) do |fn|
> $SAFE = 4
> load fn, true
> end.join
>
> $ ruby safe.rb
> safe.rb:7:in `load': Insecure operation - load
> (SecurityError)
> from safe.rb:5:in `join'
> from safe.rb:5
> $

Works fine for me: ruby 1.8.2 (2004-11-06) [i386-mswin32]

> All I wanted to do is run the thread in its own environment.
> I will use fork.

.... from which I understand you're on *nix, right? I think 'load' will
not access files from globally writable locations on unix. This is done
interntionally to prevent loading of non-secure files. Since you write
the file locally, it might be considered unsafe.

HTH,
Assaph

Bertram Scharpf

2/1/2005 11:13:00 PM

0

Am Mittwoch, 02. Feb 2005, 06:35:44 +0900 schrieb Assaph Mehr:
> > $SAFE = 4
> > load fn, true
>
> Works fine for me: ruby 1.8.2 (2004-11-06) [i386-mswin32]
>
> > All I wanted to do is run the thread in its own environment.
> > I will use fork.
>
> .... from which I understand you're on *nix, right?

Yes, Linux.

> I think 'load' will
> not access files from globally writable locations on unix. This is done
> interntionally to prevent loading of non-secure files. Since you write
> the file locally, it might be considered unsafe.

I switched off every writeable flag I could find. The error
stays the same.

Thank you very much, anyway.

Bertram

--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-...