I want to allow c开发者_Python百科lient to write scripts in JRuby and run them on web server. Is there a way to disable java-jruby integration. Or at least a way to disable access to ceratain classes ?
Have a look at the org.jruby.Profile interface. With this you can implement a custom version that disallows loading certain files or classes. As the comments suggest above, disallowing load of "java" should be enough to disable Java integration.
You can set the runtime profile with org.jruby.RubyInstanceConfig#setProfile before the runtime is initialized. If you're using the org.jruby.embed APIs, then use org.jruby.embed.ScriptingContainer#setProfile.
Are you allowing a user to submit a file and have your server execute it as a script? That's probably a very bad idea for several reasons. To begin with, what is it they could do in Java that you don't want them to, that they could not do in plain ruby?
With that being said, ensure a script does not have require 'java' in it will prevent Java integration.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论