comp.lang.ruby

Safe sandbox for running untrusted code

Ruben Fonseca

6/2/2008 3:13:00 PM

Hello @all!

I'm sorry if this has been answered before, but I'm looking for an
expert voice for this question.

I would need to know if Ruby has a safe mechanism for running unsafe code in a
sandbox environment. Imagine this situation:

I launch a contest "solve this problem in Ruby". The users submit their
code, and my system runs the code in a sandbox, with memory and time
constraints, and verifies if the output meets the required result.

Basically, I need a way to run Ruby code that reads from STDIN, writes to
STDOUT, and I need to be sure it doesn't run more than "x" seconds and
doesn't eat all my memory.

Is this possible with the current VM (MRI 1.8)?

Thank you for your support.
--
Posted via http://www.ruby-....

6 Answers

Robert Klemme

6/2/2008 3:19:00 PM

0

2008/6/2 Ruben Fonseca <fonseka@gmail.com>:
> I would need to know if Ruby has a safe mechanism for running unsafe code in a
> sandbox environment. Imagine this situation:
>
> I launch a contest "solve this problem in Ruby". The users submit their
> code, and my system runs the code in a sandbox, with memory and time
> constraints, and verifies if the output meets the required result.
>
> Basically, I need a way to run Ruby code that reads from STDIN, writes to
> STDOUT, and I need to be sure it doesn't run more than "x" seconds and
> doesn't eat all my memory.
>
> Is this possible with the current VM (MRI 1.8)?

There is at least $SAFE:
http://www.ruby-doc.org/docs/ProgrammingRuby/html/tai...

But AFAIK it does not prevent your CPU or memory going through the
roof or just taking ages. Depending on your platform you might be
able to do it using fork and having the parent kill the child if any
of your constraints (time, memory) are violated. But then you are
still not safe against system("/bin/rm", "-rf", "/"). That's where
$SAFE helps.

Kind regards

robert

--
use.inject do |as, often| as.you_can - without end

John Maclean

6/2/2008 4:06:00 PM

0

On Tue, 3 Jun 2008 00:18:49 +0900
"Robert Klemme" <shortcutter@googlemail.com> wrote:

> 2008/6/2 Ruben Fonseca <fonseka@gmail.com>:
> > I would need to know if Ruby has a safe mechanism for running unsafe code in a
> > sandbox environment. Imagine this situation:
> >
> > I launch a contest "solve this problem in Ruby". The users submit their
> > code, and my system runs the code in a sandbox, with memory and time
> > constraints, and verifies if the output meets the required result.
> >
> > Basically, I need a way to run Ruby code that reads from STDIN, writes to
> > STDOUT, and I need to be sure it doesn't run more than "x" seconds and
> > doesn't eat all my memory.
> >
> > Is this possible with the current VM (MRI 1.8)?
>
> There is at least $SAFE:
> http://www.ruby-doc.org/docs/ProgrammingRuby/html/tai...
>
> But AFAIK it does not prevent your CPU or memory going through the
> roof or just taking ages. Depending on your platform you might be
> able to do it using fork and having the parent kill the child if any
> of your constraints (time, memory) are violated. But then you are
> still not safe against system("/bin/rm", "-rf", "/"). That's where
> $SAFE helps.
>
> Kind regards
>
> robert
>

I'd run the code within a virtualised environment. You'd be safe to rm -rf / as the "virtual server" is safely contained. vserver, xen, openvz, virtualbox, lguest... There's also the capability of changing ram, diskspace and loads of other stuff from outside of the virtual thang.

/dev/jayeola

ara.t.howard

6/2/2008 4:09:00 PM

0


On Jun 2, 2008, at 9:12 AM, Ruben Fonseca wrote:

> Is this possible with the current VM (MRI 1.8)?

no.

you will need to combine using $SAFE=12 (ruby side) and ulimit/chroot
from the unix side (or similar).

a @ http://codeforp...
--
we can deny everything, except that we have the possibility of being
better. simply reflect on that.
h.h. the 14th dalai lama




Ruben Fonseca

6/2/2008 4:21:00 PM

0

ara.t.howard wrote:
> On Jun 2, 2008, at 9:12 AM, Ruben Fonseca wrote:
>
>> Is this possible with the current VM (MRI 1.8)?
>
> no.
>
> you will need to combine using $SAFE=12 (ruby side) and ulimit/chroot
> from the unix side (or similar).

hi! thanks for all your input!

so does anybody know how http://tryruby.... does it?

Ruben
--
Posted via http://www.ruby-....

Jano Svitok

6/3/2008 6:57:00 AM

0

On Mon, Jun 2, 2008 at 6:20 PM, Ruben Fonseca wrote:
> so does anybody know how http://tryruby.... does it?

http://code.whytheluckystiff.ne... and/or search for freaky
freaky sandbox.

IIRC _why got some patches in ruby regarding this -- see archives for ruby-core.

J.

Siep Korteling

6/3/2008 8:01:00 AM

0

Ruben Fonseca wrote:
> ara.t.howard wrote:
>> On Jun 2, 2008, at 9:12 AM, Ruben Fonseca wrote:
>>
>>> Is this possible with the current VM (MRI 1.8)?
>>
>> no.
>>
>> you will need to combine using $SAFE=12 (ruby side) and ulimit/chroot
>> from the unix side (or similar).
>
> hi! thanks for all your input!
>
> so does anybody know how http://tryruby.... does it?
>
> Ruben


http://www.spo... does this with 30 programming languages,
including Ruby. I don't know how.

regards,

Siep
--
Posted via http://www.ruby-....