Hi, I have an multi-user VoIP application that allows users to execute IronRuby scripts for their call dial plans. I'm looking to restrict what the IronRuby scripts are allowed to do to protect the server in case a nasty user should decide to try and cause some damage. I've restricted the process executing the scripts as much as I can but would like to go further. For example my users don't need to be able to access the file system so I'd like to disable the File and Dir Ruby standard library classes.
The approach I've looked into and that seems to work is to comment out the modules I don't want in the IronRuby.Libraries assembly and the BuiltinsLibraryInitializer.LoadModules class. Is that a reasonable approach? Thanks, Aaron -- Posted via http://www.ruby-forum.com/. _______________________________________________ Ironruby-core mailing list Ironruby-core@rubyforge.org http://rubyforge.org/mailman/listinfo/ironruby-core
