David Stevenson, flouri.sh, talk “Playing With Fire: Running Uploaded Ruby Code in a Sandbox” at Golden Gate Ruby Conference
A sandbox needs to:
- Limit the functionality available to the code
- Make it so the code can’t break out
- Separate the code’s space from the host’s
- Bound execution time
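To make those four requirements concrete, here is an added illustration (my own code, not the talk’s and not any of the gems below): a deliberately naive in-process sandbox that evaluates untrusted source inside a BasicObject clean room and wraps it in a Timeout. The class names (CleanRoom, NaiveSandbox) and the probe payloads are assumptions for the example. It meets “limit functionality” and “bound execution time”, but the third probe shows why “can’t break out” and “separate code space” are the hard ones: an explicit top-level constant lookup (`::File`) walks straight out of the clean room.

```ruby
require 'timeout'

# Added illustration (not code from the talk): a deliberately naive
# in-process sandbox that tries to meet the four requirements above.
# It evaluates untrusted source inside a BasicObject clean room, so the
# usual Kernel methods (system, open, eval, ...) are not reachable as
# bare calls, and it bounds wall-clock time with Timeout.
class CleanRoom < BasicObject
  # The only functionality deliberately exposed to untrusted code.
  def add(a, b)
    a + b
  end
end

class NaiveSandbox
  class Violation < ::StandardError; end

  def initialize(time_limit: 1)
    @time_limit = time_limit
  end

  # Evaluate +code+ with the clean room as self; raise Violation on timeout.
  def run(code)
    Timeout.timeout(@time_limit) { CleanRoom.new.instance_eval(code) }
  rescue Timeout::Error
    raise Violation, "execution time limit exceeded (#{@time_limit}s)"
  end
end

# Probe the sandbox with a few constructed payloads and report what each
# one did. Returns a hash so the behaviour can be checked programmatically.
def probe(sandbox)
  results = {}
  results[:allowed] = sandbox.run("add(1, 2)")
  results[:bare_system] = begin
    sandbox.run("system('id')")
    :executed
  rescue NoMethodError
    :blocked # BasicObject has no Kernel#system, so the bare call fails
  end
  # Breakout: explicit top-level constant lookup sidesteps the clean room,
  # giving untrusted code the full File/IO/Kernel API back. The call used
  # here is harmless on purpose; a real payload would not be.
  results[:breakout] = sandbox.run("::File.basename('/etc/passwd')")
  results[:timeout] = begin
    sandbox.run("while true; end")
    :finished
  rescue NaiveSandbox::Violation
    :killed # the busy loop was interrupted by the time limit
  end
  results
end

if $PROGRAM_NAME == __FILE__
  probe(NaiveSandbox.new(time_limit: 1)).each { |k, v| puts "#{k}: #{v.inspect}" }
end
```

The lesson is the same one the speaker’s list encodes: hiding methods from the evaluated code is not the same as separating its code space, and a blacklist of dangerous names (`::`, `ObjectSpace`, `send`, …) only invites the audience to find the next one.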
Sandbox gems
- Freaky-freaky sandbox gem (MRI Ruby): it’s a gem, but you can’t install it with `gem install`. No support for 1.8.7 and later.
- JavaSand gem (JRuby): same API as the freaky-freaky sandbox, more actively maintained
- Rubinius has SubVMs; David doesn’t have experience with it
acts_as_runnable_code is a sandbox helper:
- set up a sandbox easily with referenced classes
- pass in the top-level binding
Built an example in just a few minutes that allowed people to enter an expression to be evaluated, and opened it to the audience (offering cupcakes to anyone who broke it!). Here are some of the first experiments from the audience:
1.8.6+ support was added on the same day as this entry was posted. It’s on GitHub: http://github.com/why/sandbox/