SAFE levels in JRuby

Are SAFE levels supported in J开发者_如何学CRuby? If not, is there other ways of safely running user supplied code in server?

AFAIK, they aren't supported.

The main problem is that they are very badly documented, so how are the JRuby developers supposed to provide a compatible implementation if nobody knows what a compatible implementation is?

Another reason not to waste time implementing $SAFE levels in JRuby, is that the JVM's security mechanisms provide better protection anyway. Which is also the answer to your second question: from the point of view of the JVM, your Ruby script is just another Java program and it can be sandboxed and controlled just like any other Java program.

How to do that, however, is a question for a Java expert. I'm just a lowly Ruby hacker …