$safe >= 2

When $SAFE is >= 2 then code can't be loaded from "globally writable locations".
Can someone clarify what a "globally" writable location is?
What locations are not globally writable?

···

--
R. Mark Volkmann
Partner, Object Computing, Inc.

I assume you're getting this out of the "pick axe" book. Later down, they
refer to it also as "world writable," a term you might be familiar with.

It just means the permissions on the file/directory are such that any user
on the host has the ability to write to the file, rather than just a
particular user or group. If your system hosting the program is accessable
to lots of people, it means you could load a program that was changed and
possibly harmful.

I really don't know how it's handled on FAT filesystems (which have no
permission mechanism), but I assume it considers those bad as well.

Here's the first UNIX file permission tutorial that came up on Google -
looks decent:
http://www.dartmouth.edu/~rc/help/faq/permissions.html

Hope that helps you out.

Rob

···

On 9/17/05, Mark Volkmann <r.mark.volkmann@gmail.com> wrote:

When $SAFE is >= 2 then code can't be loaded from "globally writable
locations".
Can someone clarify what a "globally" writable location is?
What locations are not globally writable?

>
> When $SAFE is >= 2 then code can't be loaded from "globally writable
> locations".
> Can someone clarify what a "globally" writable location is?
> What locations are not globally writable?

I assume you're getting this out of the "pick axe" book.

Yes.

Later down, they
refer to it also as "world writable," a term you might be familiar with.

Ah, if I had seen that it would have helped. What page do you see that on?

It just means the permissions on the file/directory are such that any user
on the host has the ability to write to the file, rather than just a
particular user or group. If your system hosting the program is accessable
to lots of people, it means you could load a program that was changed and
possibly harmful.

I really don't know how it's handled on FAT filesystems (which have no
permission mechanism), but I assume it considers those bad as well.

I tried the following under Windows and Ruby didn't complain.

$SAFE = 2
load 'moreCode.rb' # just contains a puts

Shouldn't it have complained?

Here's the first UNIX file permission tutorial that came up on Google -
looks decent:
Dartmouth Web Authentication

Hope that helps you out.

Thanks!

···

On 9/17/05, Rob Rypka <rascal1182@gmail.com> wrote:

On 9/17/05, Mark Volkmann <r.mark.volkmann@gmail.com> wrote:

--
R. Mark Volkmann
Partner, Object Computing, Inc.

> Later down, they
> refer to it also as "world writable," a term you might be familiar with.

Ah, if I had seen that it would have helped. What page do you see that on?

I'm not really sure which page, my Pick Axe book is currently at work.
However, I saw it on the free online version:

http://www.rubycentral.com/book/taint.html

The details about safe modes are at the very end of the page.

I tried the following under Windows and Ruby didn't complain.

$SAFE = 2
load 'moreCode.rb' # just contains a puts

Shouldn't it have complained?

If you're running XP, you've probably got an NTFS filesystem, which does
have permissions capabilities.

However, you're right. I have a FAT partition on my windows machine, and it
happily loads a file from it when $SAFE = 2.

Again, I'm not an expert on Windows filesystems, or how Ruby handles them...
Someone else should jump in and explain this :-).

Rob

···

On 9/17/05, Mark Volkmann <r.mark.volkmann@gmail.com> wrote:

On 9/17/05, Rob Rypka <rascal1182@gmail.com> wrote: