[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

restricted evaluation

Johannes Ahl-mann

2/16/2005 5:00:00 PM

hi,

is there an easy way to restrict evaluation of code to certain
methods/classes only??

i am fiddling around with domain specific languages in ruby and would
like to ensure that only a subset of ruby can be used in the DSL.
obviously the implementation of the DSL has to use the whole of ruby,
but it would be nice to be able to "hide" certain ruby methods from the
DSL (especially to prevent anyone from using them ;-)).

maybe it's a stupid thing to want to have, but just from a technical
standpoint i wonder if (and especially how ;-) this might be possible...

Johannes
2 Answers

Johannes Ahl-mann

2/16/2005 5:07:00 PM

0

> is there an easy way to restrict evaluation of code to certain
> methods/classes only??

just came up with an example!
for example i might want to prevent users of the DSL to "catch"
exceptions by themselves...

for example:
> begin
> dsl_data {
> field1 :broken
> }
> rescue
> nil
> end

this might "hide" syntax problems of the DSL and would not make
much sense if the DSL was used solely for data entry. therefore i might
want to disallow use of "rescue"...

Johannes

Luke Graham

2/17/2005 12:55:00 AM

0

If you are sure you want them executing code in the same context,
you can freeze objects. That will get rid of a certain class of attacks.
Another way would be to do some AOP-style checks on who exactly
is calling a given function. FWIW, rescue is a keyword, not a method,
so I believe there is nothing you can do short of scanning their
file for that word. Eval would be another good one, otherwise they
could piece together say, eval("res" + "cue").


On Thu, 17 Feb 2005 02:09:50 +0900, Johannes Ahl-mann <softpro@gmx.net> wrote:
> > is there an easy way to restrict evaluation of code to certain
> > methods/classes only??
>
> just came up with an example!
> for example i might want to prevent users of the DSL to "catch"
> exceptions by themselves...
>
> for example:
> > begin
> > dsl_data {
> > field1 :broken
> > }
> > rescue
> > nil
> > end
>
> this might "hide" syntax problems of the DSL and would not make
> much sense if the DSL was used solely for data entry. therefore i might
> want to disallow use of "rescue"...
>
> Johannes
>
>


--
spooq