sandbox | 易学教程

How to Enable/Disable Sandbox Mode in Facebook App

阅读更多关于 How to Enable/Disable Sandbox Mode in Facebook App

问题 I can't find the setting to turn the sandbox mode on/off within a new Facebook application I just created. Does something else have to be turned on or off in order for me to see this setting? 回答1: You may need to enter your contact email address under settings section. 回答2: You can disable sandbox by going to " Status and Review " in the option panel on the left, and then click "yes" for the question "Do you want to make this app and all its live features available to the general public?" 回答3

Ruby: creating a sandboxed eval?

阅读更多关于 Ruby: creating a sandboxed eval?

My Rails app has complicated rules about when a bit of content should be displayed on a page or not. I've decided to implement this by writing predicates (simple 'yes/no' functions) in Ruby and storing them in the db for subsequent eval'ing. It it pretty straightforward. My main concern is security: if a malicious somebody figures out how to write to the db, they could stick arbitrary Ruby code in the db and then ' all your base are belong to us '. So is it possible to create an 'sandboxed' eval, for example, which has all IO operations removed? Pablo Fernandez You might want to check the

seccomp — how to EXIT_SUCCESS?

阅读更多关于 seccomp — how to EXIT_SUCCESS?

问题 Ηow to EXIT_SUCCESS after strict mode seccomp is set. Is it the correct practice, to call syscall(SYS_exit, EXIT_SUCCESS); at the end of main? #include <stdlib.h> #include <unistd.h> #include <sys/prctl.h> #include <linux/seccomp.h> #include <sys/syscall.h> int main(int argc, char **argv) { prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT); //return EXIT_SUCCESS; // does not work //_exit(EXIT_SUCCESS); // does not work // syscall(__NR_exit, EXIT_SUCCESS); // (EDIT) This works! Is this the ultimate

How can I terminate my app in a helper app with sandboxing enabled?

阅读更多关于 How can I terminate my app in a helper app with sandboxing enabled?

问题 I've created a helper app, which monitors iTunes and launches/terminates the main app. The launching works perfectly. The only problem is that I'm not allowed to terminate the main app, because of sandboxing. I get those 3 logs: 12/23/12 8:45:37.522 PM appleeventsd[70]: Sandboxed application with pid 8293 attempted to lookup App:"Significator 2"/8877/0x0:0x150150 ???? sess=100011 but was denied due to sandboxing. (handleMessage()/appleEventsD.cp #2007) com.apple.coreservices.appleevents.peer

Python eval(compile(…), sandbox), globals go in sandbox unless in def, why?

阅读更多关于 Python eval(compile(…), sandbox), globals go in sandbox unless in def, why?

问题 Consider the following: def test(s): globals()['a'] = s sandbox = {'test': test} py_str = 'test("Setting A")\nglobals()["b"] = "Setting B"' eval(compile(py_str, '<string>', 'exec'), sandbox) 'a' in sandbox # returns False, !What I dont want! 'b' in sandbox # returns True, What I want 'a' in globals() # returns True, !What I dont want! 'b' in globals() # returns False, What I want I'm not even sure how to ask, but I want the global scope for a function to be the environment I intend to run it

How to disable socket creation for a Linux process, for sandboxing?

阅读更多关于 How to disable socket creation for a Linux process, for sandboxing?

I'm considering several options for sandboxing a Linux process. Using clone() with CLONE_NEWNET (etc.) is one of the options. CLONE_NEWNET ensures that the the sandboxed process cannot make or accept real network connections. But I'd like to disable sockets entirely for that process, even bind() ing to any port on 0.0.0.0 , and binding to a Unix doman socket (even anonymous). I'd like to do this to prevent the process from using too much kernel resources by binding to thousands of ports. How do I do that? In general, I'm interested in many sandboxing approaches (i.e. those provided by the

Creating a security scope bookmark for a file from one of a directory containing it

阅读更多关于 Creating a security scope bookmark for a file from one of a directory containing it

问题 I have a security scope bookmark for a directory, provided by a user via an openDialog request. I'm trying to create another security scope bookmark for a file inside this directory: NSURL *musicFolder = /* Secured URL Resolved from a NSData, bookmark not stale */; if (![musicFolder startAccessingSecurityScopedResource]) { NSLog(@"Error accessing bookmark."); } NSString *file = @"myfile.txt"; /* This file exists inside the directory */ NSURL *pathURL = [musicFolder URLByAppendingPathComponent

Mac OS app, sandbox with command line tool?

阅读更多关于 Mac OS app, sandbox with command line tool?

问题 I've made an app which includes a command-line tool. I have enabled the app's sandbox, and tested that it works. I've also code-signed both the app and the command line tool. But when I upload the app to iTunes, I received a email telling me "App sandbox not enabled". Apparently I need to set entitlement file of key com.apple.security.app-sandbox with true value, and list the executables: /Contents/MacOS/myApp and /contents/Frameworks/x86/myCommandLineTool . I'm sure I've enabled sandbox in

Why In-App purchase sandbox always ask “Verification Required”?

阅读更多关于 Why In-App purchase sandbox always ask “Verification Required”?

I have signed out from the store in device settings. I entered user credentials only in my App. I have set up a brand new (actually around 4 times) test user. Why this message keep poppin' up? Is it something connected to iOS 5, automatic app sync, or iCloud? I had exactly same problem with sandbox in-app purchases, in built-in model (no receipt verification), app received valid products, now i called addPayment, everything alright. But now "Verification required" appeared and payment was canceled. After hours of pain I discovered, my problem was in test account.. i created test account for

Evaluate math equations from unsafe user input in Python

阅读更多关于 Evaluate math equations from unsafe user input in Python

I have a website where the user enters math equations (expressions) and then those equations are evaluated against data (constants) provided by the website. The math operations needed include symbols, arithmetic operations, min() , max() and some other basic functions. A sample equation could be: max(a * b + 100, a / b - 200) One could simply eval() this using Python, but as we all know this leads compromising the site. What would be the safe approach of doing math equation evaluation? What math equation parsing and evaluation engines there are for Python If one chooses to use Python itself to