We have a sandboxing mechanism - we rely on CLR's AppDomains:
http://blogs.msdn.com/b/shawnfa/archive/2005/08/08/449050.aspx
You can use this API in conjunction with ScriptRuntime.CreateRemote(appDomain,
setup) DLR Hosting API.
I wouldn't even try to do any source code analysis to ensure security rules if
I were you. You'd be doomed to failure. For example, consider this script
string my_script = @"x, y = 'u', 'b'; eval(\"req#{x}uire #{y}ad_script\")"
how do you analyze that? (Not that it would be completely impossible to do so
in this particular case, but you get the point.)
Tomas
From: [email protected]
[mailto:[email protected]] On Behalf Of Dody Gunawinata
Sent: Thursday, August 12, 2010 3:17 AM
To: [email protected]
Subject: Re: [Ironruby-core] Script Validation
Regex and filter it. I don't think the DLR has a sandbox mechanism for this.
On Thu, Aug 12, 2010 at 12:57 PM, Thorsten Hans
<[email protected]<mailto:[email protected]>> wrote:
Hi,
I'm currently hosting IronRuby within a C# Application. Is there any way to
validate the IronRuby scripts that will be invoked by the DLR?
For example I'd like to prevent users from executing scripts that include the
"require" statement or an impersonation statement...
Any ideas?
thx
Thorsten
_______________________________________________
Ironruby-core mailing list
[email protected]<mailto:[email protected]>
http://rubyforge.org/mailman/listinfo/ironruby-core
--
nomadlife.org<http://nomadlife.org>
_______________________________________________
Ironruby-core mailing list
[email protected]
http://rubyforge.org/mailman/listinfo/ironruby-core
