[Ironruby-core] Script Validation

Charles Strahan charles.c.strahan at gmail.com
Thu Aug 12 11:53:48 EDT 2010

I just recently had the same question in mind - how could one sandbox

I'd imagine that .NET's built-in security model could be used to prevent the
app from accessing the file system, P/Invoking, etc; however, I don't know
if the security model is fine grained enough to apply to just a particular
AppDomain. If it it is, then you could probably use IronRuby's built-in
method for running scripts in another AppDomain - one that's locked down.

I'm sort of ignorant in this area though, so I can't really help that much.
Hopefully someone smarter than myself will chime in.


On Thu, Aug 12, 2010 at 4:57 AM, Thorsten Hans <thorsten.hans at gmail.com>wrote:

> Hi,
> I'm currently hosting IronRuby within a C# Application. Is there any way to
> validate the IronRuby scripts that will be invoked by the DLR?
> For example I'd like to prevent users from executing scripts that include
> the "require" statement or an impersonation statement...
> Any ideas?
> thx
> Thorsten
> _______________________________________________
> Ironruby-core mailing list
> Ironruby-core at rubyforge.org
> http://rubyforge.org/mailman/listinfo/ironruby-core
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/ironruby-core/attachments/20100812/abe78e58/attachment.html>

More information about the Ironruby-core mailing list