Menu
We're working on a product that has similar a requirement to Tropo (see https://github.com/tropo/tropo-samples/tree/master/ruby), where the user is allowed to write a ruby script that can access a few functions and variables that are passed in. However, we would want to avoid the user having access to global calls deleting all users or terminating the program. Is there a way to accomplish this with eval?
968
It would depend a great deal on how you implement it, but look into the use of bindings with eval. By creating your own binding and preloading it with "safe" objects, you can limit what the user could do with his code.
http://rdoc.info/stdlib/core/1.9.2/Binding
153
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
