When $SAFE is >= 2 then code can't be loaded from "globally writable locations".
Can someone clarify what a "globally" writable location is?
What locations are not globally writable?
···
--
R. Mark Volkmann
Partner, Object Computing, Inc.
When $SAFE is >= 2 then code can't be loaded from "globally writable locations".
Can someone clarify what a "globally" writable location is?
What locations are not globally writable?
--
R. Mark Volkmann
Partner, Object Computing, Inc.
I assume you're getting this out of the "pick axe" book. Later down, they
refer to it also as "world writable," a term you might be familiar with.
It just means the permissions on the file/directory are such that any user
on the host has the ability to write to the file, rather than just a
particular user or group. If your system hosting the program is accessable
to lots of people, it means you could load a program that was changed and
possibly harmful.
I really don't know how it's handled on FAT filesystems (which have no
permission mechanism), but I assume it considers those bad as well.
Here's the first UNIX file permission tutorial that came up on Google -
looks decent:
http://www.dartmouth.edu/~rc/help/faq/permissions.html
Hope that helps you out.
Rob
On 9/17/05, Mark Volkmann <r.mark.volkmann@gmail.com> wrote:
When $SAFE is >= 2 then code can't be loaded from "globally writable
locations".
Can someone clarify what a "globally" writable location is?
What locations are not globally writable?
>
> When $SAFE is >= 2 then code can't be loaded from "globally writable
> locations".
> Can someone clarify what a "globally" writable location is?
> What locations are not globally writable?I assume you're getting this out of the "pick axe" book.
Yes.
Later down, they
refer to it also as "world writable," a term you might be familiar with.
Ah, if I had seen that it would have helped. What page do you see that on?
It just means the permissions on the file/directory are such that any user
on the host has the ability to write to the file, rather than just a
particular user or group. If your system hosting the program is accessable
to lots of people, it means you could load a program that was changed and
possibly harmful.I really don't know how it's handled on FAT filesystems (which have no
permission mechanism), but I assume it considers those bad as well.
I tried the following under Windows and Ruby didn't complain.
$SAFE = 2
load 'moreCode.rb' # just contains a puts
Shouldn't it have complained?
Here's the first UNIX file permission tutorial that came up on Google -
looks decent:
Dartmouth Web AuthenticationHope that helps you out.
Thanks!
On 9/17/05, Rob Rypka <rascal1182@gmail.com> wrote:
On 9/17/05, Mark Volkmann <r.mark.volkmann@gmail.com> wrote:
--
R. Mark Volkmann
Partner, Object Computing, Inc.
> Later down, they
> refer to it also as "world writable," a term you might be familiar with.Ah, if I had seen that it would have helped. What page do you see that on?
I'm not really sure which page, my Pick Axe book is currently at work.
However, I saw it on the free online version:
http://www.rubycentral.com/book/taint.html
The details about safe modes are at the very end of the page.
I tried the following under Windows and Ruby didn't complain.
$SAFE = 2
load 'moreCode.rb' # just contains a putsShouldn't it have complained?
If you're running XP, you've probably got an NTFS filesystem, which does
have permissions capabilities.
However, you're right. I have a FAT partition on my windows machine, and it
happily loads a file from it when $SAFE = 2.
Again, I'm not an expert on Windows filesystems, or how Ruby handles them...
Someone else should jump in and explain this :-).
Rob
On 9/17/05, Mark Volkmann <r.mark.volkmann@gmail.com> wrote:
On 9/17/05, Rob Rypka <rascal1182@gmail.com> wrote: