Created
December 27, 2010 19:37
-
-
Save stellard/756460 to your computer and use it in GitHub Desktop.
This test shows that system calls can still be made with no privileges given
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require "test/unit" | |
require "rubygems" | |
require "shikashi" | |
class SystemCalls < Test::Unit::TestCase | |
def test_backtick_call_should_raise_error | |
priv = Shikashi::Privileges.new | |
assert_raise SecurityError do | |
Shikashi::Sandbox.new.run("`ls`", priv) | |
end | |
end | |
def test_percent_x_call_should_raise_error | |
priv = Shikashi::Privileges.new | |
assert_raise SecurityError do | |
Shikashi::Sandbox.new.run("%x[ls]", priv) | |
end | |
end | |
def test_system_call_should_raise_error | |
priv = Shikashi::Privileges.new | |
assert_raise SecurityError do | |
Shikashi::Sandbox.new.run("system('ls')", priv) | |
end | |
end | |
def test_exec_call_should_raise_error | |
priv = Shikashi::Privileges.new | |
assert_raise SecurityError do | |
Shikashi::Sandbox.new.run("exec('ls')", priv) | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment