Re: [Ironruby-core] Safe Level checking

Sun, 06 Apr 2008 11:28:51 -0700 

We need to respect tainting because tons of specs test for correct behavior.

- John
Sent from my phone

________________________________
From: Peter Bacon Darwin <[EMAIL PROTECTED]>
Sent: Sunday, April 06, 2008 11:13 AM
To: ironruby-core@rubyforge.org <ironruby-core@rubyforge.org>
Subject: Re: [Ironruby-core] Safe Level checking

OK that makes sense.  Does it apply to tainting objects too?
Pete

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tomas Matousek
Sent: Sunday,06 April 06, 2008 17:25
To: ironruby-core@rubyforge.org
Subject: Re: [Ironruby-core] Safe Level checking

We don’t care about safe level now, so you can just ignore it. I doubt it is 
necessary to implement this feature at all. IronRuby doesn’t contain any unsafe 
code. Hence CLR checks are always present regardless of what we check, so your 
code cannot do anything that is disallowed by CLR security system. We can only 
disable Ruby calls to some methods.  And that would be a real security 
restriction only in a mode that would disable all .NET calls, because otherwise 
you could always call your C# code that performs the call.

Tomas

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Bacon 
Darwin
Sent: Sunday, April 06, 2008 6:47 AM
To: ironruby-core@rubyforge.org
Subject: [Ironruby-core] Safe Level checking

The Sockets library does a lot of Security checking, i.e. Is the SafeLevel too 
high for this action. It may be helpful to be able to specify this kind of 
thing as an attribute on the method.
Something like:

        [RubyMethod("getsockopt")]
        [RubySafeLevel(2)]
        public static MutableString GetSocketOption(CodeContext/*!*/ context, 
RubyBasicSocket/*!*/ self, object/*Numeric*/ level, object/*Numeric*/ optname) {

Rather than:

        [RubyMethod("getsockopt")]
        public static MutableString GetSocketOption(CodeContext/*!*/ context, 
RubyBasicSocket/*!*/ self, object/*Numeric*/ level, object/*Numeric*/ optname) {
            Protocols.CheckSafeLevel(context, 2, "getsockopt");
            ...
        }

Or maybe even more cleverly integrate it into the .NET security permissions 
attributes.
What do you think?
Pete

_______________________________________________
Ironruby-core mailing list
Ironruby-core@rubyforge.org
http://rubyforge.org/mailman/listinfo/ironruby-core

Reply via email to