开发者

JRuby - Monkeypatching as poor man's security manager?

开发者 https://www.devze.com 2023-03-01 21:19 出处:网络
Is there any thing wrong with selectively monkey-patching all Ruby core classes (File, Kernel, IO etc) to create a sort of access control?

Is there any thing wrong with selectively monkey-patching all Ruby core classes (File, Kernel, IO etc) to create a sort of access control?

My JVM will be running untrusted user code, and for some reasons I don't want to use Java's security manager. So, I turned to Ruby open classes for implementing my own sandbox. I had monkey-patched almost all the core classes, but for some reason I feel this is not secure enough. Am I being paranoid, or is this really a bad solution?

In a related question, Is there a way to selectively exclude Java from my Ruby runtime. My libraries need Java, but I don't want the user's to be able to access it. I've included Java in my libraries which in turn have been "required" into the user scripts.

Any开发者_开发百科 help would be appreciated. Thank you! :)

0

精彩评论

暂无评论...
验证码 换一张
取 消