Feature #14250

Make `$SAFE` process global state and allow to set 0 again

Added by ko1 (Koichi Sasada) almost 3 years ago. Updated almost 3 years ago.

Target version:


$SAFE > 1 is removed from Ruby 2.3 and there are some opinion to remove $SAFE feature ([Feature #5455]).
There are several reason, but the biggest reason I think is nobody use $SAFE correctly.

Also current $SAFE is thread/proc local information and it hurts performance (we need to restore $SAFE information just after returning proc, even if returning by exception).

Matz said $SAFE == 1 is similar to warning and it is not a security feature, but one of the programming tool we can use to improve our program ($SAFE == 3 was for sandbox, security feature).

From this perspective, Matz approved us the followings:

  • $SAFE is process global, not a Proc local state.
  • We can set $SAFE == 0 when $SAFE == 1.

I think we can't make big project with the above changes (how to make multi-thread programming with this $SAFE?), but $SAFE seems for small project (so-called scripting). Anyway if nobody use it, no problem on these changes.

I will commit this change soon.
Please try new spec and point out any problem you got.



gems-using-safe.txt (15.1 KB) gems-using-safe.txt mame (Yusuke Endoh), 12/28/2017 02:31 AM

Related issues

Related to Ruby master - Feature #14256: Deprecate $SAFE support in ERB and let take keyword arguments for itClosedk0kubun (Takashi Kokubun)Actions
Related to Ruby master - Bug #14353: $SAFE should stay at least thread-local for compatibilityClosedmatz (Yukihiro Matsumoto)Actions

Also available in: Atom PDF