lib/ruote/svc/treechecker.rb in ruote-2.1.11 vs lib/ruote/svc/treechecker.rb in ruote-2.2.0
- old
+ new
@@ -1,7 +1,7 @@
#--
-# Copyright (c) 2005-2010, John Mettraux, jmettraux@gmail.com
+# Copyright (c) 2005-2011, John Mettraux, jmettraux@gmail.com
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
@@ -21,13 +21,11 @@
#
# Made in Japan.
#++
-#require 'rufus/treechecker'
- # is loaded only when needed
-
+require 'rufus/treechecker'
require 'fileutils'
module Ruote
@@ -35,32 +33,31 @@
# The TreeChecker service is used to check incoming external ruby code
# and raise a security error if it contains potentially evil code.
#
class TreeChecker
- def initialize (context)
+ def initialize(context)
(context['use_ruby_treechecker'] == false) and return
- require 'rufus/treechecker' # gem 'rufus-treechecker'
- # load only when needed
+ checker = Rufus::TreeChecker.new do
- @checker = Rufus::TreeChecker.new do
-
exclude_fvccall :abort, :exit, :exit!
exclude_fvccall :system, :fork, :syscall, :trap, :require, :load
+ exclude_fvccall :at_exit
#exclude_call_to :class
exclude_fvcall :private, :public, :protected
- #exclude_def # no method definition
+ #exclude_raise # no raise or throw
+
+ exclude_def # no method definition
exclude_eval # no eval, module_eval or instance_eval
exclude_backquotes # no `rm -fR the/kitchen/sink`
exclude_alias # no alias or aliast_method
exclude_global_vars # $vars are off limits
exclude_module_tinkering # no module opening
- exclude_raise # no raise or throw
exclude_rebinding Kernel # no 'k = Kernel'
exclude_access_to(
IO, File, FileUtils, Process, Signal, Thread, ThreadGroup)
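Review bot: With `exclude_raise` commented out of the shared rule block (`#exclude_raise # no raise or throw`), the base `checker` now permits raise/throw, so any checker cloned from it later is permissive unless it re-adds the rule itself. A comment above `checker = Rufus::TreeChecker.new do` would make that contract explicit, for example `# base rules shared by every checker; raise/throw is deliberately NOT excluded here, each clone adds exclude_raise unless it must allow it`. The rules are a name-based deny-list (`exclude_fvccall :system, :fork, :syscall, ...`), so the class comment should say that this is a filter over known-dangerous constructs and not a sandbox. The rules between this hunk and the next are not visible here and were not reviewed, and `initialize` continues past the end of this hunk.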
@@ -71,32 +68,62 @@
# Ruote::ProcessDefinition
exclude_call_to :instance_variable_get, :instance_variable_set
end
- @cchecker = @checker.clone # and not dup
- @cchecker.add_rules do
- at_root do
- exclude_head [ :block ] # preventing 'a < b; do_sthing_evil()'
- exclude_head [ :lasgn ] # preventing 'a = 3'
- end
+ # the checker used when reading process definitions
+
+ @def_checker = checker.clone # and not dup
+ @def_checker.add_rules do
+ exclude_raise # no raise or throw
end
+ @def_checker.freeze
- @checker.freeze
- @cchecker.freeze
- freeze
+ # the checker used when dealing with BlockParticipant code
+
+ @blo_checker = checker.clone # and not dup
+ @blo_checker.freeze
+
+ ## the checker used when dealing with conditionals
+ #
+ #@con_checker = checker.clone # and not dup
+ #@con_checker.add_rules do
+ # exclude_raise # no raise or throw
+ # at_root do
+ # exclude_head [ :block ] # preventing 'a < b; do_sthing_evil()'
+ # exclude_head [ :lasgn ] # preventing 'a = 3'
+ # end
+ #end
+ #@con_checker.freeze
#
+ # lib/ruote/exp/condition.rb doesn't use this treechecker
+ # kept (commented out) for 'documentation'
+
+ # the checker used when dealing with code in $(ruby:xxx}
+
+ @dol_checker = checker.clone # and not dup
+ @dol_checker.add_rules do
+ exclude_raise # no raise or throw
+ end
+ @dol_checker.freeze
+
+ freeze
# preventing further modifications
end
- def check (ruby_code)
+ def definition_check(ruby_code)
- @checker.check(ruby_code) if @checker
+ @def_checker.check(ruby_code) if @def_checker
end
- def check_conditional (ruby_code)
+ def block_check(ruby_code)
- @cchecker.check(ruby_code) if @checker
+ @blo_checker.check(ruby_code) if @blo_checker
+ end
+
+ def dollar_check(ruby_code)
+
+ @dol_checker.check(ruby_code) if @dol_checker
end
end
end
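Review bot: `definition_check`, `block_check` and `dollar_check` each return nil without inspecting the code when their checker is nil, which is the state left by the early return in `initialize` when `context['use_ruby_treechecker'] == false`; this fail-open path is not documented anywhere in the new code. Each method should carry a comment such as `# returns nil WITHOUT checking the code when 'use_ruby_treechecker' is false`, and the class comment should state that disabling the option turns off all three checks at once. Separately, `check_conditional` is removed and its rules survive only as comments, on the statement that lib/ruote/exp/condition.rb does not use this treechecker; that file is not shown here, so it is worth confirming that condition strings can no longer reach Ruby evaluation unchecked. The comment `# the checker used when dealing with code in $(ruby:xxx}` has mismatched delimiters and should spell the dollar notation the way the engine actually accepts it.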