From: Eric Wong
Date: 2018-01-08T13:34:22+00:00
Subject: [ruby-core:84712] Re: [Ruby trunk Feature#14337] We need add primitives in Ruby that help us compartmentalizing specific parts of our code (with guarantees)

vasilakisfil@gmail.com wrote:
> Of course I check the gems I add and the gems those gems use, but that gives me no guarantees at all. What I want is guarantees.

You realize only a few days ago Spectre and Meltdown were announced, right? The kernel and hardware are on a completely different level than userspace in terms of being able to provide safety guarantees. If the hardware can't even get it right, do you honestly think Ruby or anything else in userspace has a chance at providing the guarantees you want?

Freezing in Ruby is broken by flipping a SINGLE bit. Memory corruption, hardware glitches or any wayward C extension that gets loaded can do that (and of course they can do way worse).

Heck, we're even getting rid of $SAFE because it provides a false sense of safety: https://bugs.ruby-lang.org/issues/5455

If you want data isolation, then at the very MINIMUM you need to isolate at the *nix process and user level (create different user accounts for everything you run) so the kernel + hardware can do what they're supposed to do.

But kernel bugs sometimes happen, so using VMs has a bit more isolation and protection... Except hardware cannot be trusted, either, so you really need to be separating things at the physical level. Even then you need to make sure your firmware isn't uploading stuff to the cloud behind your back.

There are real things that you should be doing, like auditing all the code you use and not having unaudited code (this includes firmware, microcode, and drivers). But introducing this stuff at the userspace level is an utter waste of time.

Start with using less code and simpler code so you have less to audit.
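The process-level isolation the reply recommends, as an added example that is not part of the thread: untrusted Ruby is run in a separate OS process whose environment and resource limits are set by the kernel, so nothing the child does in-process (including mutating "frozen" state) can reach the parent. The child snippets and limit values are constructed for the demonstration; switching the child to a dedicated user account with setuid needs root and is left out so the example runs unprivileged.

```ruby
require "rbconfig"

# Added example (not from the thread): run untrusted Ruby in a separate OS
# process so the kernel, not Ruby-level freeze/$SAFE, enforces the boundary.
# The limits and child scripts below are constructed for this demonstration;
# moving the child to a dedicated user (setuid) needs root and is omitted.

# Runs +code+ in a fresh interpreter with a scrubbed environment and
# kernel-enforced CPU and core-dump limits.
# Returns [success?, killed_by_signal?, captured_stdout].
def run_isolated(code, cpu_seconds: 2)
  rd, wr = IO.pipe
  pid = Process.spawn(
    { "LANG" => "C" },                       # explicit, minimal environment
    RbConfig.ruby, "--disable-gems", "-e", code,
    unsetenv_others: true,                   # drop parent env (secrets, PATH, ...)
    rlimit_cpu: [cpu_seconds, cpu_seconds],  # kernel terminates a CPU spin
    rlimit_core: [0, 0],                     # no core dumps of child memory
    in: File::NULL, out: wr, err: [:child, :out]
  )
  wr.close
  out = rd.read
  rd.close
  _, status = Process.wait2(pid)
  [status.success?, status.signaled?, out]
end

# The parent holds a secret in its environment; the child cannot see it
# because the kernel gave it a separate environment block, not because
# Ruby promised anything.
def secret_visible_to_child?
  ENV["DEMO_SECRET"] = "constructed-secret-value"
  _ok, _sig, out = run_isolated('puts ENV.key?("DEMO_SECRET")')
  out.strip == "true"
end

# A child that spins forever is terminated by the CPU rlimit, independent of
# any Ruby-level timeout the untrusted code could disable or ignore.
def runaway_child_killed?
  _ok, signaled, _out = run_isolated("loop {}", cpu_seconds: 1)
  signaled
end

if __FILE__ == $0
  puts "secret leaked to child: #{secret_visible_to_child?}"
  puts "runaway child killed:   #{runaway_child_killed?}"
end
```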