Ruby Conference 2011

Sandboxing Ruby: The Good, the Bad, and the Fugly.
Eric Allam

You might never find the need to sandbox ruby, but trying to sandbox ruby is fun. We get to dive deep into the internals of Ruby and learn all the ways running ruby code securely can fail. We’ll walk through some different approaches and how they can be broken: - REGEX to the Rescue - Threads and $SAFE - JRuby/MacRuby Sandbox - RubyCop – A ruby static analyzer And after surveying the sandbox scene we’ll draw some conclusions on how to mitigate potential sandbox failures and how Ruby itself can change to make really sandboxing Ruby a reality.

1920x1080 - - video/mp4 - 1.2 GB - 00:36:23
1280x720 - video/mp4 - 158.2 MB - 00:36:23
640x360 - - video/mp4 - 56.7 MB - 00:36:23
audio/mpeg - 18.4 MB - 00:36:23
Rated: Everyone
Views: 1,850
Posted on: Nov 23, 2011

Conference Videos

Keynote: Ruby Everywhere
654-rubyconf2011-keynote-ruby-everywhere-thumb_0003
Yukihiro 'Matz' Matsumoto
Big Data Enterprisy Analytics App and Ruby
655-rubyconf2011-big-data-enterprisy-analytics-app-and-ruby-thumb_0004
Amit Kumar
Writing Solid Ruby Code
656-rubyconf2011-writing-solid-ruby-code-thumb_0003
Jim Weirich
Persisting Relations Across Time and Space
657-rubyconf2011-persisting-relations-across-time-and-space-thumb_0004
Piotr Szotkowski
Exceptional Ruby
658-rubyconf2011-exceptional-ruby-thumb_0002
Avdi Grimm
Why You Don't Get Mock Objects
659-rubyconf2011-why-you-don-t-get-mock-objects-thumb_0002
Gregory Moeck
Blueprint: configuration management for busy people
660-rubyconf2011-blueprint-configuration-management-for-busy-people-thumb_0003
Richard Crowley
So You Think You Can Code: Part Deux
Vlcsnap-2011-10-19-18h07m44s206
Aaron Patterson, Ben Bleything, Yossef Mendelssohn, John Barnette, Evan Phoenix
"Algorithms" is Not a Four-Letter Word
662-rubyconf2011-algorithms-is-not-a-four-letter-word-thumb_0004
Jamis Buck
Parallel worlds of CRuby's GC
663-rubyconf2011-parallel-worlds-of-cruby-s-gc-thumb_0003
Narihiro Nakamura
Evented Telephony Application Design with Adhearsion
664-rubyconf2011-evented-telephony-application-design-with-adhearsion-thumb_0001
Ben Klang
Advanced EventMachine
665-rubyconf2011-advanced-eventmachine-thumb_0002
Jonathan Weiss
How Getting Buff Can Make You a Better Rubyist
666-rubyconf2011-how-getting-buff-can-make-you-a-better-rubyist-thumb_0002
Rob Sanheim
Release Early and Release Often: Reducing deployment friction
667-rubyconf2011-release-early-and-release-often-reducing-deployment-friction-thumb_0004
Andy Delcambre
Code design and the science of pleasure
668-rubyconf2011-code-design-and-the-science-of-pleasure-thumb_0001
Jonas Nicklas
LocalCommunity.Build, :through => Code Retreats, Bugmashes & more
669-rubyconf2011-localcommunity-build-through-code-retreats-bugmashes-more-thumb_0000
Prakash Murthy
Better Than ROT13
670-rubyconf2011-better-than-rot13-thumb_0002
Bradley Grzesiak
Keeping Ruby Reasonable
671-rubyconf2011-keeping-ruby-reasonable-thumb_0003
Joshua Ballanco
Pure Ruby GUI
672-rubyconf2011-pure-ruby-gui-thumb_0003
Micah Martin, Robert Martin
Powerful (but Easy) Data Visualization with the Graph Gem
673-rubyconf2011-powerful-but-easy-data-visualization-with-the-graph-gem-thumb_0002
Aja Hammerly
JRuby and Big Data
674-rubyconf2011-jruby-and-big-data-thumb_0003
Jeremy Hinegardner
Rails services in the walled garden
675-rubyconf2011-rails-services-in-the-walled-garden-thumb_0000
Sidu Ponnappa, Niranjan Paranjape
Ruby Software Continuously Delivered and Exhaustively Explained
676-rubyconf2011-ruby-software-continuously-delivered-and-exhaustively-explained-thumb_0002
Srushti Ambekallu, Brian Guthrie
A Mentor in the Limelight
677-rubyconf2011-a-mentor-in-the-limelight-thumb_0003
Paul Pagel
MongoDB to MySQL: the How and the Why
678-rubyconf2011-mongodb-to-mysql-the-how-and-the-why-thumb_0001
Sarah Mei
Services Inception with Ruby
679-rubyconf2011-services-inception-with-ruby-thumb_0003
Dave McCrory
Message in a bottle
680-rubyconf2011-message-in-a-bottle-thumb_0003
Konstantin Haase
The Return of Shoes
681-rubyconf2011-the-return-of-shoes-thumb_0000
Steve Klabnik
The Secret Life of Ruby: Warrior With A Cause
682-rubyconf2011-the-secret-life-of-ruby-warrior-with-a-cause-thumb_0001
Dewayne VanHoozer
Ruby OpenSSL: Present, Future and why it matters
683-rubyconf2011-ruby-openssl-present-future-and-why-it-matters-thumb_0004
Martin Boßlet
JRuby: Polyglot Heaven
684-rubyconf2011-jruby-polyglot-heaven-thumb_0000
Charles Nutter, Thomas Enebo
The Well-Grounded Nuby
685-rubyconf2011-the-well-grounded-nuby-thumb_0000
David A. Black
MacRuby on Rails
686-rubyconf2011-macruby-on-rails-thumb_0002
Kouji Takao
Practical Metaprogramming: "Modeling Thought"; Or, Lessons Learned While Using Ruby's MP System to Model a 2,500 Year-Old, Dead Language
687-rubyconf2011-practical-metaprogramming-modeling-thought-or-lessons-learned-while-using-ruby-s-mp-system-to-model-a-2-500-year-old-dead-language-thumb_0002
Steven Harms
Getting Fancy on Rubinius
688-rubyconf2011-getting-fancy-on-rubinius-thumb_0004
Christopher Bertels
Implementation of Ruby 1.9.3 and later
689-rubyconf2011-implementation-of-ruby-1-9-3-and-later-thumb_0002
Koichi Sasada
Parallel Testing World
690-rubyconf2011-parallel-testing-world-thumb_0003
Shota Fukumori
Nikita: The Ruby Secret Agent
691-rubyconf2011-nikita-the-ruby-secret-agent-thumb_0003
Brian Ford
Must It Always Be About Sex?
692-rubyconf2011-must-it-always-be-about-sex-thumb_0004
Joshua Wehner
KidsRuby: Think Of The Children!
693-rubyconf2011-kidsruby-think-of-the-children-thumb_0004
Ron Evans
Test-drive the development of your command-line applications
694-rubyconf2011-test-drive-the-development-of-your-command-line-applications-thumb_0001
David Copeland
Just Say No To :nodoc: and Document Your Code!
695-rubyconf2011-just-say-no-to-nodoc-and-document-your-code-thumb_0002
Loren Segal
Be a Minecraft modman with Purugin
696-rubyconf2011-be-a-minecraft-modman-with-purugin-thumb_0003
Thomas Enebo
Your tests are lying to you
697-rubyconf2011-your-tests-are-lying-to-you-thumb_0004
Chris Parsons
Float is Legacy
698-rubyconf2011-float-is-legacy-thumb_0000
Kenta Murata
Resources, For Real This Time (with Webmachine)
699-rubyconf2011-resources-for-real-this-time-with-webmachine-thumb_0004
Sean Cribbs
Lightning Talks
Rubyconf2011
Various Presenters
Lightning Talk: company_fit.should_not == monoculture
736-rubyconf2011-lightning-talk-company_fit-should_not-monoculture-thumb_0001
Tim Connor
Lightning Talk: Let's go to "Shibuya Rubyist Lunch" at Tokyo, Japan
737-rubyconf2011-lightning-talk-let-s-go-to-shibuya-rubyist-lunch-at-tokyo-japan-thumb_0002
Toshiaki Koshiba
Q&A with Matz
700-rubyconf2011-q-a-with-matz-thumb_0002
Yukihiro 'Matz' Matsumoto
Debugging Ruby
701-rubyconf2011-debugging-ruby-thumb_0001
Hemant Kumar
Scaling Ruby with Actors, or How I Learned to Stop Worrying and Love Threads
702-rubyconf2011-scaling-ruby-with-actors-or-how-i-learned-to-stop-worrying-and-love-threads-thumb_0002
Mike Perham
Raising the Bar
703-rubyconf2011-raising-the-bar-thumb_0000
Tyler Hunt
Ruby in the browser with NativeClient (NaCl)
704-rubyconf2011-ruby-in-the-browser-with-nativeclient-nacl-thumb_0000
Ilya Grigorik
Next Level Virtual Machine Maneuver!
705-rubyconf2011-next-level-virtual-machine-maneuver-thumb_0003
Mitchell Hashimoto
How GitHub Uses GitHub to Build GitHub
706-rubyconf2011-how-github-uses-github-to-build-github-thumb_0004
Zach Holman
Go <=> Ruby
707-rubyconf2011-go-ruby-thumb_0001
Eleanor McHugh
Ruby Community: Awesome; Could Be Awesomer
708-rubyconf2011-ruby-community-awesome-could-be-awesomer-thumb_0002
Marty Haught
Threading versus Evented
709-rubyconf2011-threading-versus-evented-thumb_0001
Dr. Nic Williams
Advanced API design: how an awesome API can attract friends, make you rich, and change the world
710-rubyconf2011-advanced-api-design-how-an-awesome-api-can-attract-friends-make-you-rich-and-change-the-world-thumb_0003
Jonathan Dahl
Laser: Static Analysis for Ruby, in Ruby
711-rubyconf2011-laser-static-analysis-for-ruby-in-ruby-thumb_0001
Michael Edgar
GitHub Flavored Ruby
712-rubyconf2011-github-flavored-ruby-thumb_0000
Tom Preston-Werner
Sandboxing Ruby: The Good, the Bad, and the Fugly.
713-rubyconf2011-sandboxing-ruby-the-good-the-bad-and-the-fugly-thumb_0004
Eric Allam
Complex Ruby concepts dummified
714-rubyconf2011-complex-ruby-concepts-dummified-thumb_0001
Matt Aimonetti
MongoMapper, Mixins, and Migrations - a look at managing data-model complexity
715-rubyconf2011-mongomapper-mixins-and-migrations-a-look-at-managing-data-model-complexity-thumb_0004
Tim Connor


Version: 1.0 (381) by Coby Randquist on 2012-05-20