Module: AgentJail
- Defined in:
- lib/agent_jail.rb,
lib/agent_jail/pipe.rb,
lib/agent_jail/child.rb,
lib/agent_jail/errors.rb,
lib/agent_jail/runner.rb,
lib/agent_jail/version.rb,
lib/agent_jail/platform.rb,
lib/agent_jail/ffi/landlock.rb,
lib/agent_jail/ffi/seatbelt.rb,
lib/agent_jail/configuration.rb,
lib/agent_jail/ffi/setrlimit.rb,
lib/agent_jail/restrictions/base.rb,
lib/agent_jail/restrictions/landlock.rb,
lib/agent_jail/restrictions/seatbelt.rb,
lib/agent_jail/restrictions/resource_limits.rb
Defined Under Namespace
Modules: FFI, Pipe, Platform, Restrictions
Classes: Child, Configuration, Error, FilesystemError, MemoryError, Runner, SandboxError, TimeoutError, UnsupportedPlatformError
Constant Summary
- VERSION =
"0.1.0"
Class Method Summary
Class Method Details
.configuration ⇒ Object
# File 'lib/agent_jail.rb', line 31
# Returns the shared Configuration object, creating it on first use.
#
# The instance is memoized in @configuration on the receiver, so every caller
# gets the same object back until @configuration is cleared. Mutating the
# returned object therefore changes the settings seen by all later callers.
# No locking is visible in this method.
#
# @return [Configuration] the memoized configuration instance
def configuration
  return @configuration if @configuration

  @configuration = Configuration.new
end
# File 'lib/agent_jail.rb', line 26
# Yields the shared configuration to the caller's block, then validates it.
#
# The block receives the object returned by `configuration`; `validate!` is
# then called on whatever `configuration` returns at that point. Validation
# runs only after the block has finished, and nothing here restores earlier
# settings, so changes made by the block remain on the memoized object even
# if `validate!` raises.
# NOTE(review): `validate!` is defined outside this listing; presumably it
# raises on invalid settings. Confirm against Configuration.
#
# Calling this without a block makes `yield` raise LocalJumpError.
#
# @yield [configuration] the object returned by `configuration`
# @return [Object] whatever `validate!` returns
def configure
  yield configuration
  configuration.validate!
end
.reset! ⇒ Object
# File 'lib/agent_jail.rb', line 35
# Discards the memoized configuration by setting @configuration to nil.
#
# Any settings previously stored on that object are dropped. A reader that
# memoizes with `@configuration ||= Configuration.new` will build a fresh
# object on its next call.
# NOTE(review): what a fresh Configuration permits by default is not visible
# here. Confirm the defaults are the intended policy before relying on a
# reset in code that later starts a sandboxed run.
#
# @return [nil]
def reset!
  @configuration = nil
end
.run(**options, &block) ⇒ Object
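Run a block inside a sandboxed child process with resource limits and optional filesystem restrictions. When Platform.fork_supported? is false, handle_unsupported is called and, if it returns, the block runs directly in the calling process with no sandbox applied.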
# File 'lib/agent_jail.rb', line 48
# Runs the given block through Runner, or directly when fork is unavailable.
#
# When Platform.fork_supported? is true, the options hash and the block are
# handed unchanged to Runner.new and the result of Runner#call is returned.
#
# When it is false, handle_unsupported is called with a message naming
# RUBY_PLATFORM and the block is then invoked in the calling process. On that
# path Runner is never involved, so none of its isolation applies.
# NOTE(review): handle_unsupported is defined outside this listing. Whether
# this fallback fails closed depends on it raising; if it only logs or
# returns, the block executes unrestricted. Confirm the configured behaviour.
#
# @param options [Hash] keyword options forwarded as a single hash to Runner.new
# @yield the code to execute
# @return [Object] the value of Runner#call, or of the block on the fallback path
# @raise [ArgumentError] if no block is given
def run(**options, &block)
  raise ArgumentError, "block required" if block.nil?

  if Platform.fork_supported?
    Runner.new(options, &block).call
  else
    handle_unsupported("Sandboxing is not supported on #{RUBY_PLATFORM}")
    block.call
  end
end