Add an eventSandboxing Ruby Code - Lessons from the battlefield
A session at RubyConf India 2012
Sometime you want to run untrusted code on your server. Our expirements with sandboxing started with the creation of a hosted continuous integration service called Goldberg Pro, and then continued on with RubyMonk, which needed to prevent users from performing potentially dangerous operations in code they submitted via the website.
Here we discuss various system level, language level, and application level techniques that we tried (and we plan to try in the future) to ensure that the user does not bring down the entire system. Some techniques we plan to speak about include LXC (Linux Containers), Chroots, Ruby's SAFE levels, Kernel level limits, SELinux and PTrace.
Some of our learnings are published in the form of the Open Source ruby gem - secure.
About the speakers
This person is speaking at this event.
VP Product at C42 Engineering http://c42.in. Currently shipping RubyMonk http://rubymonk.com. Likes Ruby. bio from Twitter
This person is speaking at this event.
Ugh. Something about Ruby. I work at C42 Engineering, the guys behind RubyMonk bio from Twitter
Coverage of this session
VideoSandboxing Ruby Code - Lessons from the battlefield by Tejas Dinkar and Jasmin A Basheer (youtube.com)
22 more videos from RubyConf India 2012
Sign in to add slides, notes or videos to this session