Last active
January 24, 2021 21:50
-
-
Save JoshCheek/b6a07240e98191e9cf9b73014ad538da to your computer and use it in GitHub Desktop.
Example of a hostile Seeing is Believing environment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Users can fork the process, SiB still works | |
| if !fork | |
| Process.pid # => 6669 | |
| else | |
| Process.pid # => 6668 | |
| # Users can exec, SiB still works | |
| exec "echo users can exec, SiB still works" # printing is displayed at eof | |
| end | |
| # Close the input / output streams, SiB still works | |
| [$stdin, $stdout, $stderr].each(&:close) | |
| # Remove the `new` method, SiB still works | |
| Class.class_eval { undef new } | |
| String.new rescue $! # => #<NoMethodError: undefined method `new' for String:Class> | |
| Array.new rescue $! # => #<NoMethodError: undefined method `new' for Array:Class> | |
| # Remove all the constants!, SiB still works | |
| Object.class_eval do | |
| constants.each { |const| remove_const const rescue nil } | |
| end | |
| String rescue $! # => #<NameError: uninitialized constant String> | |
| Object rescue $! # => #<NameError: uninitialized constant Object> | |
| # remove all the methods from integers and strings, SiB still works | |
| public def remove_all_methods | |
| instance_methods.each { |name| undef_method name } | |
| end | |
| 1 + 1 # => 2 | |
| 1.class.remove_all_methods | |
| 1 + 1 rescue $! # => #<NoMethodError: undefined method `+' for #<Integer:0x0000000000000003>> | |
| # Okay, actually, removing all the string methods did actually crash the program >.< | |
| # Anyway, here's that output from the exec back at the beginning: | |
| # >> users can exec, SiB still works |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment