More on mod_ruby and gems

Ernest_Ellingson2 · 24 October 2005 19:12

Here is the output from apache's error_log.

[Mon Oct 24 11:25:38 2005] [error] mod_ruby: /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:21:in `require__': Insecure operation - require__ (SecurityError)
[Mon Oct 24 11:25:38 2005] [error] mod_ruby: from /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:21:in `require'
[Mon Oct 24 11:25:38 2005] [error] mod_ruby: from /var/www/html/testit.rbx:2

Is there a way to overcome the SecurityError.

require__ looks to be an alias for kernel.require.

Is it possible to untaint this object?

Ernie

Topic		Replies	Views
Mod_ruby, require, and $SAFE ruby-talk	5	124	22 January 2007
Mod_ruby and rubygems ruby-talk	2	71	24 October 2005
SecurityError requiring gems and other files with $SAFE=1 in Ruby 1.9.1 ruby-talk	3	144	16 April 2009
Mod_ruby require LoadError ruby-talk	1	61	26 January 2005
Insecure operation ruby-talk	1	97	27 August 2008

More on mod_ruby and gems

Related topics