Configuration Files

ruby-talk
1

From: “John W. Long” ws@johnwlong.com
Reply-To: ruby-talk@ruby-lang.org
To: ruby-talk@ruby-lang.org (ruby-talk ML)
Subject: Configuration Files
Date: Thu, 18 Dec 2003 13:01:10 +0900

A while back someone submitted some code to this list for evaluating
Configuration files in the style of:

% cat test.config
editor.spacespertab = 4
toolbar.visible = true
statusbar.visible = false
. . .

One of the great things about their code was that it enabled you to use
ruby
code within your configuration file so you could do things like this

Doesn’t this have some security implications? I’m not really sure that I
can think of any applications that you’d want to let a user configure, but
that runs as root, but if there was one, I wouldn’t want to be evaling code
from the config. As I said, I’m not sure this is a valid concern on my
part, just more of a thought. Could it maybe be configurable from the app?
eval = true; if eval …

···

Make your home warm and cozy this winter with tips from MSN House & Home.
http://special.msn.com/home/warmhome.armx

2

---- “Mike Wilson” wrote: ----

One of the great things about their code was that it enabled you to use
ruby
code within your configuration file so you could do things like this

Doesn’t this have some security implications? I’m not really sure that I
can think of any applications that you’d want to let a user configure, but
that runs as root, but if there was one, I wouldn’t want to be evaling
code
from the config. As I said, I’m not sure this is a valid concern on my
part, just more of a thought.

It does have security implications. My class would only be useful for
implementations where you want to allow people to use ruby code in a
restricted way in the configuration file. There are a limited number of
applications where this is useful. I often find myself using a .rb
configuration file anyway. I just wanted a way to do this in a nicer way.

Could it maybe be configurable from the app?
eval = true; if eval …

In my current implementation no. There was however another configuration
implementation on the list not long ago which you could modify to do what
you want. Search ruby-talk.org to find it.

Yaml is also good for this kind of configuration file.

···

John Long
www.wiseheartdesign.com

3

“Mike Wilson” wmwilson01@hotmail.com schrieb im Newsbeitrag
news:Law12-F50uCVPPvkBhz00001bcc@hotmail.com

From: “John W. Long” ws@johnwlong.com
Reply-To: ruby-talk@ruby-lang.org
To: ruby-talk@ruby-lang.org (ruby-talk ML)
Subject: Configuration Files
Date: Thu, 18 Dec 2003 13:01:10 +0900

A while back someone submitted some code to this list for evaluating
Configuration files in the style of:

% cat test.config
editor.spacespertab = 4
toolbar.visible = true
statusbar.visible = false
. . .

One of the great things about their code was that it enabled you to use
ruby
code within your configuration file so you could do things like this

Doesn’t this have some security implications? I’m not really sure that I
can think of any applications that you’d want to let a user configure, but
that runs as root, but if there was one, I wouldn’t want to be evaling
code
from the config. As I said, I’m not sure this is a valid concern on my
part, just more of a thought. Could it maybe be configurable from the
app?
eval = true; if eval …

You can use $SAVE and / or an anonymous module, like Nobu wrote on
26.1.2003:

Kernel#load code in the file into toplevel context if (omitted)
second argument is false, or an anonymous module.

If it were return that anonymous module, you can write as:

module Data
include load(“datafile”, true)
end

or even

Data = load(“datafile”, true)

robert