How to safely let users run arbitrary Ruby code?

Posted by igul222 on Stack Overflow See other posts from Stack Overflow or by igul222
Published on 2010-04-03T23:19:26Z Indexed on 2010/04/03 23:23 UTC
Read the original article Hit count: 223

Filed under:

I realize this sounds a little crazy, but I'm working on a project for which I need a server to run user-provided Ruby code and return the result.

I'm looking to prevent something like this:

system("rm -rf /")
eval("something_evil")
# etc...

I'm sure there must be some reasonably safe way to do this, as it already exists at places like tryruby.org. Any help is greatly appreciated, thanks!

© Stack Overflow or respective owner

Related posts about ruby