[Ironruby-core] Script Validation
charles.c.strahan at gmail.com
Thu Aug 12 11:53:48 EDT 2010
I just recently had the same question in mind - how could one sandbox
I'd imagine that .NET's built-in security model could be used to prevent the
app from accessing the file system, P/Invoking, etc; however, I don't know
if the security model is fine grained enough to apply to just a particular
AppDomain. If it it is, then you could probably use IronRuby's built-in
method for running scripts in another AppDomain - one that's locked down.
I'm sort of ignorant in this area though, so I can't really help that much.
Hopefully someone smarter than myself will chime in.
On Thu, Aug 12, 2010 at 4:57 AM, Thorsten Hans <thorsten.hans at gmail.com>wrote:
> I'm currently hosting IronRuby within a C# Application. Is there any way to
> validate the IronRuby scripts that will be invoked by the DLR?
> For example I'd like to prevent users from executing scripts that include
> the "require" statement or an impersonation statement...
> Any ideas?
> Ironruby-core mailing list
> Ironruby-core at rubyforge.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Ironruby-core