Let's suppose I have this awful controller code:

    class MovesController < ApplicationController
      def create
        eval(params[:input])
      end
    end
I've been looking for the best way to sandbox the execution of untrusted code for some time now and stumbled on a discussion in this ruby-lang feature request: https://bugs.ruby-lang.org/issues/8468

"The real solution to this problem is to run a sandbox at the level above Ruby. I run untrusted code on http://eval.in inside a ptrace based sandbox." (Charlie Somerville)
Further research on the subject didn't get more than pure ptrace documentation. Is there a known practice/library for using ptrace in Ruby and Rails or would one need to set up his own solution?
There is a gem called trusted-sandbox to do that. But be careful, because Docker is not actually hacker-proof.
There is also Geordi used by CodePad.
There was a (buggy?) sandbox implementation for ruby 1.8, but it's no longer supported.
But really, your question is like the old joke where the patient says "Doctor, it hurts when I do this." And the doctor answers "Well, don't do that."
There are a million things you could do instead:
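As an added illustration of the "don't do that" advice, and not code from the question or the answer above: the usual replacement for eval(params[:input]) is to stop treating the input as code at all and instead dispatch it against an explicit allow-list of commands. The module below is hypothetical (MoveDispatcher, ALLOWED_MOVES and the command vocabulary are assumptions for a game-like "moves" endpoint); it parses a raw string such as "move north", looks the verb up in a fixed table, validates the arguments, and rejects everything else. Anything a client sends that is not in the table, including arbitrary Ruby source, is simply data that fails validation.

```ruby
# Added example (not from the question or answer): replace eval(params[:input])
# with an allow-list dispatcher. Only the commands named in ALLOWED_MOVES can
# ever run; the input string itself is never evaluated as Ruby.
module MoveDispatcher
  DIRECTIONS = %w[north south east west].freeze

  # Constructed allow-list. Each entry maps a command verb to a lambda that
  # validates its own arguments and returns a plain data result. Using a
  # literal Hash (rather than public_send on a user-supplied name) means the
  # set of reachable code is exactly what is written here.
  ALLOWED_MOVES = {
    'move' => lambda do |dir|
      raise ArgumentError, 'direction must be north/south/east/west' unless DIRECTIONS.include?(dir)
      { action: 'move', direction: dir }
    end,
    'attack' => lambda do |target|
      raise ArgumentError, 'target must match [a-z0-9_]{1,32}' unless target =~ /\A[a-z0-9_]{1,32}\z/
      { action: 'attack', target: target }
    end,
    'wait' => lambda do
      { action: 'wait' }
    end
  }.freeze

  # Parses and dispatches one raw input string.
  # Returns [status, payload] so a controller can pass them straight to render.
  def self.dispatch(input)
    return [:bad_request, { error: 'input must be a string' }] unless input.is_a?(String)

    name, *args = input.strip.split(/\s+/)
    handler = ALLOWED_MOVES[name] # nil for any verb not explicitly listed
    return [:bad_request, { error: 'unknown command' }] if handler.nil?
    return [:bad_request, { error: 'wrong number of arguments' }] unless handler.arity == args.length

    [:ok, handler.call(*args)]
  rescue ArgumentError => e
    [:bad_request, { error: e.message }]
  end
end

# Shape of the controller that would use it (hypothetical; needs Rails, so
# shown as a comment rather than executed here):
#
# class MovesController < ApplicationController
#   def create
#     status, payload = MoveDispatcher.dispatch(params[:input])
#     render json: payload, status: status
#   end
# end

if $PROGRAM_NAME == __FILE__
  ['move north', 'wait', '1 + 1', 'move up', 'move', 'attack grue'].each do |raw|
    p [raw, MoveDispatcher.dispatch(raw)]
  end
end
```

The design choice worth noting is that the lookup table is a literal Hash, not a call to public_send or const_get with a name taken from the request: that keeps the reachable code to exactly the entries written in ALLOWED_MOVES, and each entry validates its own arguments before returning a plain data structure.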