I notice that calling String#intern on a tainted string returns an untainted
symbol. Is this behaviour correct, does it continue for higher values of
$SAFE, and is it secure? What ramifications might using this have?
Tim Bates
I notice that calling String#intern on a tainted string returns an untainted
symbol. Is this behaviour correct, does it continue for higher values of
$SAFE, and is it secure? What ramifications might using this have?
Tim Bates
Hi,
In message “Symbols and tainting” on 02/12/01, Tim Bates tim@bates.id.au writes:
I notice that calling String#intern on a tainted string returns an untainted
symbol. Is this behaviour correct, does it continue for higher values of
$SAFE, and is it secure? What ramifications might using this have?
Since Symbols are immediate values, there’s no way to taint them.
I haven’t think of this issue before. Hmm. Maybe interning from
tainted strings should be prohibited on higer $SAFE level.
matz.
Perhaps in higher $SAFE levels sym.id2name should create only tainted
strings, too.
Paul
On Sun, Dec 01, 2002 at 07:53:24PM +0900, Yukihiro Matsumoto wrote:
I notice that calling String#intern on a tainted string returns an untainted
symbol. Is this behaviour correct, does it continue for higher values of
$SAFE, and is it secure? What ramifications might using this have?Since Symbols are immediate values, there’s no way to taint them.
I haven’t think of this issue before. Hmm. Maybe interning from
tainted strings should be prohibited on higer $SAFE level.
Perhaps in higher $SAFE levels sym.id2name should create only tainted
strings, too.
Well, with $SAFE >= 3 all new objects are tainted
pigeon% ruby -e '$SAFE = 3;p :name.id2name.tainted?'
true
pigeon%
Guy Decoux
Hi,
In message “Re: Symbols and tainting” on 02/12/02, Paul Brannan pbrannan@atdesk.com writes:
Since Symbols are immediate values, there’s no way to taint them.
I haven’t think of this issue before. Hmm. Maybe interning from
tainted strings should be prohibited on higer $SAFE level.Perhaps in higher $SAFE levels sym.id2name should create only tainted
strings, too.
It does now.
ruby -e ‘p Thread.start{$SAFE=4; “foo”.intern.id2name.tainted?}.value’
matz.