How safe is $SAFE=4? 
Author Message
 How safe is $SAFE=4?

How safe is $SAFE=4? I read the description of $SAFE in "Programming
Ruby: The Pragmatic Programmer's Guide" and it sounds like $SAFE is
specifically designed for running code from untrusted sources.

So, if I put a form on a website that executes whatever code people
put into it with $SAFE=4, would this be safe? (Is there a good webpage
that talks about the use of $SAFE further?)



Sun, 21 Nov 2004 04:17:52 GMT  
 How safe is $SAFE=4?

Quote:
> So, if I put a form on a website that executes whatever code people
> put into it with $SAFE=4, would this be safe?

No, it wouldn't work (IIRC). $SAFE=4 here would not allow the code to be
executed at all. It's 'safe' in that way.

Chris



Sun, 21 Nov 2004 04:23:05 GMT  
 How safe is $SAFE=4?

Quote:

> > So, if I put a form on a website that executes whatever code people
> > put into it with $SAFE=4, would this be safe?

> No, it wouldn't work (IIRC). $SAFE=4 here would not allow the code to be
> executed at all. It's 'safe' in that way.

I just managed to make a program that reads a line from standard input
and eval's it under $SAFE=4. It seems to allow the code to be
executed. I do have to put "$SAFE=4" in a separate Thread, or else I
can't break out of safe mode (apparently, setting $SAFE will persist
forever, rather than just for the life of the block).


def safeEval(expr)
    result = nil
    Thread::start {
        $SAFE = 4
        result = eval expr
    }.join
    result
end

loop {
    print 'Enter expression: '
    expr = gets
    break if !expr
    puts safeEval(expr)

Quote:
}


Enter expression: 1+1
2
Enter expression: puts 'Hello, world!'
myeval.rb:5:in `safeEval': (eval):1:in `write': Insecure operation
`write' at level 4 (SecurityError)
    from myeval.rb:3:in `join'
    from myeval.rb:3:in `safeEval'
    from myeval.rb:14
    from myeval.rb:11:in `loop'
    from myeval.rb:11


Sun, 21 Nov 2004 06:48:56 GMT  
 How safe is $SAFE=4?
Hi,

In message "How safe is $SAFE=4?"

|So, if I put a form on a website that executes whatever code people
|put into it with $SAFE=4, would this be safe?

It's designed to be.  It's safe unless I made mistake.

                                                        matz.



Sun, 21 Nov 2004 07:51:31 GMT  
 How safe is $SAFE=4?

Quote:

> def safeEval(expr)
>     result = nil
>     Thread::start {
>         $SAFE = 4
>         result = eval expr
>     }.join
>     result
> end

> loop {
>     print 'Enter expression: '
>     expr = gets
>     break if !expr
>     puts safeEval(expr)
> }

> Enter expression: 1+1
> 2

Huh - I tweaked the above to check expr.tainted? and it is true when it's
evaled -- according to http://www.rubycentral.com/book/taint.html at $SAFE
Quote:
>= 1, tainted strings cannot be evaled. Why does this script work, eval-ing

1+1?

Chris



Sun, 21 Nov 2004 20:32:09 GMT  
 How safe is $SAFE=4?

M> Huh - I tweaked the above to check expr.tainted? and it is true when it's
M> evaled -- according to http://www.rubycentral.com/book/taint.html at
M> $SAFE >> = 1, tainted strings cannot be evaled. Why does this script
M> work, eval-ing  1+1?

 Try it with $SAFE = 3

 #eval is safe at level 4

Guy Decoux



Sun, 21 Nov 2004 20:37:21 GMT  
 How safe is $SAFE=4?

Quote:
> M> Huh - I tweaked the above to check expr.tainted? and it is
> true when it's
> M> evaled -- according to
> http://www.rubycentral.com/book/taint.html at
> M> $SAFE >> = 1, tainted strings cannot be evaled. Why does
> this script
> M> work, eval-ing  1+1?

>  Try it with $SAFE = 3

>  #eval is safe at level 4

Ahhhhhhhh... I've been assuming the SAFE levels were cumulative. Thx for the
clarification.

Chris



Sun, 21 Nov 2004 20:47:49 GMT  
 How safe is $SAFE=4?

M> Ahhhhhhhh... I've been assuming the SAFE levels were cumulative. Thx for the
M> clarification.

 There are cumulative for 1 .. 3. For example, for #eval you can't use it
 with a tainted string with 1 <= $SAFE <= 3

 For $SAFE >= 4, ruby just check that it has a String because at this level
 ruby can't do something dangerous when it execute the nodes

Guy Decoux



Sun, 21 Nov 2004 20:58:14 GMT  
 
 [ 8 post ] 

 Relevant Pages 

1. Am I Safe?

2. A Safe Tcl? (NOT safe-tcl!)

3. Is it safe to compress changes?

4. FixedPoint asFloat -- is it safe?

5. How Thread-Safe is the UI?

6. Better task safe collections

7. Thread Safe Collections: Based on Aspect Style Programming with Interfaces

8. Is Java Type-Safe?

9. ST/V, is this a safe practice?

10. Need Help Passing Safe Array to COM Object

11. Primitive Types Safe?

 

 
Powered by phpBB® Forum Software