deac/Safebox
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Little Doku.

Browse source
This commit is contained in:
Denis Knauf 2010-03-31 19:32:26 +02:00
parent 057032f955
commit d8832d5825
1 changed files with 47 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

47
README.md
View file

@ -0,0 +1,47 @@
Install
=======
gem install Safebox
Usage
=====
First load the safebox:
require 'safebox'
The most things in your Safebox are possible:
value = Safebox.eval "1+2**9"
value = Safebox.eval {|| 1+2**8 }
Only some good things are not possible:
Safebox.eval "$stdout.puts 'I am OK!'"
But, very bad code will not damage your system.
Safebox.eval "class Unsecure;def self.code() system 'rm *' ; end end; Unsecure.code"
This will raise a SecurityError.
What is with raised exceptions?
Safebox.eval "raise Exception"
This will print the Exception.
Or if you want to get the Exception:
ret = Safebox.run "raise Exception"
ret # => [:exception, #<Exception>]
What is *Safebox.run*?
ret = Safebox.run "1+2**9"
ret # => [:value, 513]
You get something back, which can be unsafe!
Safebox.eval( "class A;def to_s() 'Owned!'; end end; A.new").to_s
puts Safebox.eval( "class A;def to_s() 'Owned!'; end end; A.new")