Can you let users upload Sinatra apps and run them inside Rails as middleware?_问答_开发者

Can you let users upload Sinatra apps and run them inside Rails as middleware?

开发者 https://www.devze.com 2022-12-24 06:38 出处：网络

I want to let users write small custom apps (think themes or plugins on Wordpress) an开发者_JAVA百科d upload/run them on my site.

I'm thinking about using Sinatra apps for this since it would give the users a lot of flexibility, and then running them as middleware inside my rails app.

But I can't figure out the security implications of this. I tried creating a simple sinatra app as middleware, and it has access to all the rails models and everything - so that is bad. Is there a way for rack to keep these separate so that the sinatra apps are effectively sandboxed and can't do any bad things (outside of an API or some specific way I setup for them to communicate)?

There may be an easier way to accomplish this that I haven't thought of too, so ideas welcome. Thanks!

Maybe a look at TryRuby / The Freaky Sandbox or one of the other Ruby sandboxes could take you somewhere.

How well do you know/trust your users? I hope the answer contains words such as "extremely" and "intimately". How easily could you reach them with something sharp and painful if they mess up?

I can't think of a simple way (heck, I can't think of a complicated one) to allow upload and installation of such things. Even with Wordpress, I don't think they allow any random plugin to be installed/run on the WP-hosted site - the risks of even well-meaning code causing problems just seem immense to my paranoid mind.

Sinatra would certainly give flexibility, but that may not be a Good Thing, as you've already identified.

Of course, if your users are Ruby/Sinatra literate (or able to become acceptably so) then you could give them a repository (git, svn or whatever) for their apps and deploy them into the appropriate place in Rack either ad hoc or on some schedule.

Thinking on the hoof, and without any notion of feasibility, if the functions that can safely be made available are relatively limited, you might consider looking at writing some sort of constrained DSL for them to utilise. If the scripts thus produced were short/efficient enough, perhaps they could be stored within the app's database and executed via eval?