[#8446] Re: string like istringstream (was: A bug inruby) — Kevin Smith <sent@...>
jmichel@schur.institut.math.jussieu.fr wrote:
[#8465] A newbie question (about regexp) — "Robert Gustavsson" <robertg@...>
Hi!
[#8468] Re: speedup of anagram finder — "Ben Tilly" <ben_tilly@...>
gotoken@math.sci.hokudai.ac.jp (GOTO Kentaro) wrote:
On Tue, 2 Jan 2001, Ben Tilly wrote:
[#8478] popen on .rb file in 95 — "Chris Morris" <chrismo@...>
Apparently, Win95 does not support file associations from the command line.
[#8490] Translate daemon code to Windows? — "Chris Morris" <chrismo@...>
I'm trying to get httpd and rwiki to work on 95 and both have init code to
[#8508] Re: speedup of anagram finder — "SHULTZ,BARRY (HP-Israel,ex1)" <barry_shultz@...>
> go, either. The fact is, I've spent a lot of time the past couple days
[#8513] 1.6.2 on Dec Alpha — Hugh Sasse Staff Elec Eng <hgs@...>
And on a Dec Alpha system with gcc -v giving:
On Thu, 4 Jan 2001, Mathieu Bouchard wrote:
> > > And on a Dec Alpha system with gcc -v giving:
On Sun, 7 Jan 2001, Mathieu Bouchard wrote:
> > Here it is:
[#8527] Re: 1.6.2 on Solaris2.5.1 — ts <decoux@...>
>>>>> "H" == Hugh Sasse Staff Elec Eng <hgs@dmu.ac.uk> writes:
[#8565] optparse and rdtool — Hugh Sasse Staff Elec Eng <hgs@...>
Rebuilding stuff for 1.6.2, I see that RubyUnit says it's a good idea to
>...
[#8566] Visions for 2001/1.7.x development? — Robert Feldt <feldt@...>
Hi matz and other Ruby developers,
Hi,
On Fri, 5 Jan 2001, Yukihiro Matsumoto wrote:
[#8580] bug?? — jmichel@... (Jean Michel)
I don't understand the following behaviour:
On Thu, 4 Jan 2001, Jean Michel wrote:
In message "[ruby-talk:8580] bug??"
> A number of users was confused by these behavior, thus we have already
[#8599] Character classes in Ruby regexp — "Robert Gustavsson" <robertg@...>
Hi!
[#8633] Interesting Language performance comparisons - Ruby, OCAML etc — "g forever" <g24ever@...>
[#8651] Re: Interesting Language performance comparisons - Ruby, OCAML etc — "g forever" <g24ever@...>
Good observations.
[#8723] Re: Braces and begin/end — Kevin Smith <sent@...>
Robert Gustavsson wrote:
[#8745] (start..end) where start > end — "Robert Gustavsson" <0317025435@...>
Hi!
On Sun, 7 Jan 2001, Robert Gustavsson wrote:
[#8757] Backward Range implementation — Kevin Smith <sent@...>
Here's what I came up with that seems to work. I
[#8774] No :<, :>, etc. methods for Array — "Brian F. Feldman" <green@...>
So, why not include Comparable in Array by default? It shouldn't have any
Hi,
matz@zetabits.com (Yukihiro Matsumoto) wrote:
In message "[ruby-talk:8780] Re: No :<, :>, etc. methods for Array"
gotoken@math.sci.hokudai.ac.jp (GOTO Kentaro) wrote:
Hello --
David Alan Black <dblack@candle.superlink.net> wrote:
In message "[ruby-talk:8785] Re: No :<, :>, etc. methods for Array"
> -----Original Message-----
[#8808] Dynamic Flash movies from Ruby — Dave Thomas <Dave@...>
[#8829] Sandbox (again) — wys@... (Clemens Wyss)
Hi,
On 8 Jan, Clemens Wyss wrote:
[#8844] problems with mkmf.rb — DaVinci <bombadil@...>
Hi.
DaVinci <bombadil@wanadoo.es> wrote:
[#8908] Re: bug?? — Aleksi Niemel<aleksi.niemela@...>
matz said:
[#8931] String confusion — Anders Bengtsson <ndrsbngtssn@...>
Hello everyone,
Hi,
On Wed, 10 Jan 2001, Yukihiro Matsumoto wrote:
On Wed, 10 Jan 2001, Yukihiro Matsumoto wrote:
Hi,
On Wed, 10 Jan 2001, Yukihiro Matsumoto wrote:
[#8953] Please remove account from files — "Thomas Daniels" <westernporter@...>
Please take my e-mail address from your files and "CANCEL" my =
On Wed, 10 Jan 2001, Thomas Daniels wrote:
At Wed, 10 Jan 2001 14:23:30 +0900,
On Wed, 10 Jan 2001, Yasushi Shoji wrote:
[#8958] Re: Genetic Programming in Ruby — "Conrad Schneiker" <schneik@...>
Robert Feldt wrote:
[#8964] GULP (working title :-) related thoughts — David Alan Black <dblack@...>
Hello --
[#8971] Re: GULP (working title :-) related thoughts — "Conrad Schneiker" <schneik@...>
Dave Thomas wrote:
I don't know if 1.6.1 has a bug that's been fixed in 1.6.2 but I have used
[#8975] Re: Modules and mixins — Kevin Smith <sent@...>
Holden Glova wrote:
Kevin Smith <sent@qualitycode.com> writes:
[#8991] Why File::Stat? — "Hal E. Fulton" <hal9000@...>
I'm assuming that Stat is embedded inside File just
[#9008] using RUnit's setup and teardown methods — wlkleb@...
can someone show me how to use (or explain to me when i should use)
[#9035] Re: Regexp for matching Ruby reg exps? — "Ben Tilly" <ben_tilly@...>
Robert Feldt <feldt@ce.chalmers.se> wrote:
[#9047] Re: time to divide -talk? (was: Please remov e account from files) — Aleksi Niemel<aleksi.niemela@...>
Yasushi Shoji:
At Thu, 11 Jan 2001 00:20:45 +0900,
[#9063] Re: pid of executed program — ts <decoux@...>
>>>>> "L" == Laurence J Lane <ljlane@debian.org> writes:
[#9070] Re: time to divide -talk? — "Conrad Schneiker" <schneik@...>
David Alan Black wrote:
[#9106] Grabbing a char from the keyboard... — "Hal E. Fulton" <hal9000@...>
How does one accept a character from the keyboard
[#9120] ruby 1.6.2 and Debian 2.2 — Bostjan JERKO <Bostjan.Jerko@...>
Hi !
[#9159] Re: GULP (working title :-) related thoughts — "Conrad Schneiker" <schneik@...>
Dwight Tuinstra wrote:
[#9163] truncation of error strings — raja@... (Raja S.)
Is there any where to prevent the truncation of messages produced during
[#9179] "|" on front of aPortName — "Hal E. Fulton" <hal9000@...>
Hi guys...
[#9187] Re: Licensing issues — Kevin Smith <sent@...>
Robert Feldt wrote:
[#9195] Re: Redefining singleton methods — ts <decoux@...>
>>>>> "H" == Horst Duch=EAne?= <iso-8859-1> writes:
> From: ts [mailto:decoux@moulon.inra.fr]
[#9199] Class from name of class — Jim Menard <jimm@...>
I have a class name in a string, and I want to create an instance of that
[#9242] polymorphism — Maurice Szmurlo <maurice@...>
hello
Yukihiro Matsumoto <matz@zetabits.com> wrote:
[#9262] Rubicon now available via CVS — Dave Thomas <Dave@...>
[#9267] Re: polymorphism — chad fowler <chadfowler@...>
> >
"chad fowler" <chadfowler@yahoo.com> wrote in message
[#9279] Can ruby replace php? — Jim Freeze <jim@...>
When I read that ruby could be used to replace PHP I got really
> When I read that ruby could be used to replace PHP I got really
[#9368] Ruby 1.6.2 compilation problems on HP-UX 11 with gcc 2.95.2 with optimizations — "HOLOWKO,LARS (A-Germany,ex1)" <lars_holowko@...>
Trying to build Ruby like this
WATANABE Tetsuya <tetsu@jpn.hp.com> writes:
[#9395] Re: Do Vector and Matrix Classes Exist for Ruby? — "Conrad Schneiker" <schneik@...>
Gotoken wrote:
[#9411] The Ruby Way — "Conrad Schneiker" <schneiker@...>
As a member of the "Big 8" newsgroups, "The Ruby Way" (of posting) is to
Well, I have to say that I agree 100% with your previous post.
----- Original Message -----
----- Original Message -----
[#9427] Ruby CVS repositories are ready now — "Akinori MUSHA" <knu@...>
Hello,
[#9434] Re: 101 Misconceptions About Dynamic... — MICHAEL.W.WILSON@...
Subject:
[#9439] array.each_index_but_last ? — Hugh Sasse Staff Elec Eng <hgs@...>
What is the idiomatic Ruby way to go through all the elements of an array,
[#9462] Re: reading an entire file as a string — ts <decoux@...>
>>>>> "R" == Raja S <raja@cs.indiana.edu> writes:
ts <decoux@moulon.inra.fr> writes:
raja@cs.indiana.edu (Raja S.) writes:
Hi,
Mathieu Bouchard <matju@cam.org> writes:
> > File.open(path) {|f| f.read(*args) }
Hi,
[#9496] Re: Subprocess — Bostjan JERKO <Bostjan.Jerko@...>
Yeah and what if I want to run it on M$ ?
[#9521] Larry Wall INterview — ianm74@...
Larry was interviewed at the Perl/Ruby conference in Koyoto:
Larry Wall's interview is how I found out
>>>>> On Fri, 9 Feb 2001 00:40:02 +0900,
Does someone have a code snippet that they can point me to that allows
[#9598] Re: 101 Misconceptions About Dynamic Languages — "Christian" <christians@...>
I've really backed myself into a corner here. Witness my Houdini act.
[#9610] Re: 101 Misconceptions About Dynamic Languages — "Ben Tilly" <ben_tilly@...>
"Christian" <christians@syd.microforte.com.au> wrote:
[#9616] Re: 101 Misconceptions About Dynamic Languages — "Ben Tilly" <ben_tilly@...>
Peter Wood <peter.wood@worldonline.dk> wrote:
[#9619] Ruby mode for emacs — "R. Mark Volkmann" <volkmann2@...>
Is anyone successfully using Ruby mode for emacs under Windows 2000?
[#9682] Re: 101 Misconceptions About Dynamic Languages — "Ben Tilly" <ben_tilly@...>
"Christian" <christians@syd.microforte.com.au> wrote:
[#9709] Re: Ruby, FOX, and widely available C++ implementations (Was: Re: 101 Misconceptions About Dynamic Languages) — "Conrad Schneiker" <schneik@...>
Patrick Logan wrote:
[#9718] Can someone tell the the scoop on Mac ports — Dave Thomas <Dave@...>
[#9728] Re: Ruby vs. Python and Euphoria: sieve benc hmark — Aleksi Niemel<aleksi.niemela@...>
> Kenneth Rhodes writes:
[#9730] require loop — Ted Meng <ted_meng@...>
Hi,
[#9741] Re: Possible bug in Tempfile/Fork interaction — "Ben Tilly" <ben_tilly@...>
Martin G Dixon <mgdixon@ichips.intel.com> wrote:
[#9761] Re: 101 Misconceptions About Dynamic Languages — ts <decoux@...>
>>>>> "C" == Christoph Rippel <crippel@primenet.com> writes:
[#9781] Re: socket.rb? firewalls? — MICHAEL.W.WILSON@...
|--------+----------------------->
[#9792] Ruby 162 installer available — Dave Thomas <Dave@...>
[#9800] IOWA M.L. — Jilani Khaldi <jilanik@...>
Hi,
[#9824] Re: IOWA M.L. — chad fowler <chadfowler@...>
Avi Bryant <avi@beta4.com> writes:
[#9834] Problem with ruby-libglade 1.1 — schuerig@... (Michael Schuerig)
[#9843] The Ruby Programming Language — TAKAHASHI Masayoshi <maki@...>
Hi,
[#9847] Linux Expo Paris 1/31-2/2 — matz@... (Yukihiro Matsumoto)
Hi,
[#9904] Re: Learning Ruby — "Conrad Schneiker" <schneik@...>
Jim Freeze wrote:
[#9908] First quines in ruby? — "Conrad Schneiker" <schneik@...>
On Wed, 19 Jul 2000 Hal Fulton wrote:
[#9919] ANN: AspectR 0.2 — Robert Feldt <feldt@...>
Hi,
[#9930] a newbie ? — "Ralf" <Ralf.Jantschek@...>
Hello,
[#9949] Re: which ruby ...? — "Conrad Schneiker" <schneik@...>
Kent Dahl wrote:
[#9958] Re: Vim syntax files again. — "Conrad Schneiker" <schneik@...>
Hugh Sasse wrote:
On Sat, 27 Jan 2001, Conrad Schneiker wrote:
On Mon, 29 Jan 2001 19:36:49 +0900, Hugh Sasse Staff Elec Eng wrote:
On Mon, 29 Jan 2001, hipster wrote:
On Mon, 29 Jan 2001, Hugh Sasse Staff Elec Eng wrote:
[#9959] Dynamically instantiating a class (with a string) — ptkwt@...2.teleport.com (Phil Tomson)
I know I could (and probably should) do this with some kind of a factory
[#9975] line continuation — "David Ruby" <ruby_david@...>
can a ruby statement break into multiple lines?
On Sat, 27 Jan 2001, David Ruby wrote:
>A statement break into mutliple lines if it is not complete,
<ale@crimson.propagation.net> wrote:
On Sun, 28 Jan 2001, Brian F. Feldman wrote:
Hi --
[#9980] Ruby refs on Slashdot — "Conrad Schneiker" <schneiker@...>
FYI. See the original for much better formatting and to see the links.
Hello --
[#9986] system command on Windows(Arrgghhh!) — ptkwt@...2.teleport.com (Phil Tomson)
[#10010] Re: exercise training program in ruby — MICHAEL.W.WILSON@...
|--------+----------------------->
[#10050] Arity of methods without having instance? — Robert Feldt <feldt@...>
Hi,
[#10076] RECEIVED: Re: REQUEST TO REMOVE SEQUENC... — MICHAEL.W.WILSON@...
Subject:
[#10123] RSVP (Ruby SerVer Pages -sort of :-) — "Pe, Botp" <botp@...>
Hi ALL:
[#10128] Ruby for DOS — Dave Thomas <Dave@...>
[#10136] Array's undocumented features — Mathieu Bouchard <matju@...>
[#10141] ArrayMixin 0.2 — Mathieu Bouchard <matju@...>
[#10142] DateTime class for Ruby? — Michael Neumann <neumann@...>
Hi,
[#10153] Re: DateTime class for Ruby? — "Ben Tilly" <ben_tilly@...>
andy@toolshed.com (Andrew Hunt) wrote:
[ruby-talk:9003] Re: Sandbox (again)
Sorry it took so long, but I only find time in the evenings to work on
this. Clemens Hintze <c.hintze@gmx.net> wrote in
>
> sandbox.execute("p %x(ls -l /)")
> sandbox.execute("exec 'ls -l /'")
> sandbox.execute("Thread.new { sleep 60000 } while 1")
> sandbox.execute("def endless; t = Object.clone; endless end; endless")
>
AND
"NAKAMURA, Hiroshi" <nahi@keynauts.com> wrote in
<JIEJKAMAONAMHNNAOOOLGEONCEAA.nahi@keynauts.com>:
>Though I did not follow this thread(sorry), why don't
>you use $SAFE, ThreadGroup and Thread#priority?
>
>1. Create new aThreadGroup
>2. Create new aThread for sandbox
>3. Set appropriate $SAFE level to aThread
>4. Set low priority to aThread
>5. Add aThread to aThreadGroup
>6. Eval code in aThread
>7. Kill threads in aThreadGroup.list when timeout
>
All true (of course). The following solution handles all the /cle
vulnerabilities and checks for overly Thread- and Object-creation. Also
the execution time is checked. Here we go:
--> BEGIN
class Thread
def Thread.inherited(sub)
raise (SecurityError, "You may not subclass Thread")
end
end
class SandboxExecutionContext
def system(cmd)
raise (SecurityError, "You may not use system")
end
def exec(*cmd)
raise (SecurityError, "You may not use 'exec'")
end
def require(modName)
raise (SecurityError, "You may not use 'require'")
end
def playground
return binding
end
def `(cmd) # `
raise (SecurityError, "You may not issue ``-commands")
end
class File
def File.open(*args)
raise (SecurityError, "You may not open a File")
end
end
end
class Sandbox
def initialize(level = 2, maxRunTime = 15, maxThreadCount = 10,
maxNewObjects = 10000)
@level = level
@maxRunTime = maxRunTime
@maxThreadCount = maxThreadCount
@maxNewObjects = maxNewObjects
@sandboxThreadGroup = ThreadGroup.new
Thread.abort_on_exception= true
@context = SandboxExecutionContext.new.playground
end
def threadCount
return ObjectSpace.each_object (Thread) {}
end
def startWatchDogThread
@watchdogThread = Thread.new {
ObjectSpace.garbage_collect
objectsBeforeLaunch = ObjectSpace.each_object {}
runningForSecs = 0
begin
while true do
if (runningForSecs > @maxRunTime) then
raise (SecurityError, "Your script may only run for
#{@maxRunTime}sec")
end
ObjectSpace.garbage_collect
if ((ObjectSpace.each_object {} - objectsBeforeLaunch) >
@maxNewObjects) then
raise (SecurityError, "You may only create #{@maxNewObjects}
objects")
end
if (threadCount() > @maxThreadCount) then
raise (SecurityError, "You may only use #{@maxThreadCount}
Threads")
end
sleep 1
runningForSecs += 1
end # while
rescue SecurityError => detail
myMatch = /.*:.*:.*':(.*)/.match(detail) # '
if not(myMatch.nil?) then
print "\nThere has been a security violation: " + myMatch[1] +
"\n"
else
print "\nThere has been a security violation: " + detail + "\n"
end
@sandboxThreadGroup.list.each { | th |
th.kill
}
end
} # end_of_thread
end
def execute(exeCmd)
exeCmd.untaint
startWatchDogThread()
@sandboxThread = Thread.new {
$SAFE = @level
begin
eval(exeCmd, @context)
rescue SecurityError => detail
myMatch = /.*:.*:.*':(.*)/.match(detail) # '
if not(myMatch.nil?) then
print "\nThere has been a security violation: " + myMatch[1] +
"\n"
else
print "\nThere has been a security violation: " + detail + "\n"
end
rescue Exception => detail
myMatch = /.*:(.*):.*':(.*)/.match(detail) # '
if not(myMatch.nil?) then
lineNr = myMatch[1]
errorTxt = myMatch[2].gsub(/Sandbox::/,'')
print "\nError on line " + lineNr + ":" + errorTxt + "\n"
else
print "\nError :" + detail + "\n"
end
end
}
@sandboxThread.priority= -5 # very low
@sandboxThreadGroup.add(@sandboxThread)
@sandboxThread.join() # wait for completion
sleep .1 # give watchThread a chance to terminate neatly
if (@watchdogThread.alive?) then @watchdogThread.kill end
end
end
---> END
There is some "noise" in the code because I try to provide exact error
output.
matz@zetabits.com (Yukihiro Matsumoto) wrote in
<978962552.785938.1519.nullmailer@ev.netlab.zetabits.com>:
>
>The level 3 of $SAFE is just designed for your purpose. If hole
>remains, it's my fault, not yours. ;-)
>
I prefer 2, in order to also give users the eval-command!
Now, I am pretty sure this is still not THE solution ;-)
Please give me some more HACKS on this Sandbox! I will build-up a
RubyUnit testsuite to check all the HACKS/vulnerabilities.
Clemens