Is there any thing wrong with selectively monkey-patching all Ruby core classes (File, Kernel, IO etc) to create a sort of access control?
My JVM will be running untrusted user code, and for some reasons I don't want to use Java's security manager. So, I turned to Ruby open classes for implementing my own sandbox. I had monkey-patched almost all the core classes, but for some reason I feel this is not secure enough. Am I being paranoid, or is this really a bad solution?
In a related question, Is there a way to selectively exclude Java from my Ruby runtime. My libraries need Java, but I don't want the user's to be able to access it. I've included Java in my libraries which in turn have been "required" into the user scripts.
Any开发者_开发百科 help would be appreciated. Thank you! :)
精彩评论