[Ironruby-core] Safe Level checking

John Lam (DLR) jflam at microsoft.com
Sun Apr 6 14:26:15 EDT 2008 

We need to respect tainting because tons of specs test for correct behavior.

- John
Sent from my phone

________________________________
From: Peter Bacon Darwin <bacondarwin at googlemail.com>
Sent: Sunday, April 06, 2008 11:13 AM
To: ironruby-core at rubyforge.org <ironruby-core at rubyforge.org>
Subject: Re: [Ironruby-core] Safe Level checking

OK that makes sense.  Does it apply to tainting objects too?
Pete

From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Tomas Matousek
Sent: Sunday,06 April 06, 2008 17:25
To: ironruby-core at rubyforge.org
Subject: Re: [Ironruby-core] Safe Level checking

We don’t care about safe level now, so you can just ignore it. I doubt it is necessary to implement this feature at all. IronRuby doesn’t contain any unsafe code. Hence CLR checks are always present regardless of what we check, so your code cannot do anything that is disallowed by CLR security system. We can only disable Ruby calls to some methods.  And that would be a real security restriction only in a mode that would disable all .NET calls, because otherwise you could always call your C# code that performs the call.

Tomas

From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Peter Bacon Darwin
Sent: Sunday, April 06, 2008 6:47 AM
To: ironruby-core at rubyforge.org
Subject: [Ironruby-core] Safe Level checking

The Sockets library does a lot of Security checking, i.e. Is the SafeLevel too high for this action. It may be helpful to be able to specify this kind of thing as an attribute on the method.
Something like:

        [RubyMethod("getsockopt")]
        [RubySafeLevel(2)]
        public static MutableString GetSocketOption(CodeContext/*!*/ context, RubyBasicSocket/*!*/ self, object/*Numeric*/ level, object/*Numeric*/ optname) {

Rather than:

        [RubyMethod("getsockopt")]
        public static MutableString GetSocketOption(CodeContext/*!*/ context, RubyBasicSocket/*!*/ self, object/*Numeric*/ level, object/*Numeric*/ optname) {
            Protocols.CheckSafeLevel(context, 2, "getsockopt");
            ...
        }

Or maybe even more cleverly integrate it into the .NET security permissions attributes.
What do you think?
Pete
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://rubyforge.org/pipermail/ironruby-core/attachments/20080406/72a27389/attachment.html

More information about the Ironruby-core mailing list