Ruby

(({public_send})) should only allow calling public methods. By extension, it should not allow calling (({send})), since that would negate the purpose of (({public_send})). In the context of (({public_send})), the (({send})) method has special meaning.

I see no reason to special case this. send is a public method, therefore public_send should be allowed to call it. Attempting to deny access to send for safety reasons is pointless considering that instance_eval is public can be used to work around the issue in the same way:

t.public_send(:instance_eval, 'secret')
t.public_send(:instance_eval, 'exec("rm -rf ~")')

public_send doesn't imply safety, at all, and it was not designed for such a purpose.

@postmodern, send is a public method, why would public_send refuse to call it? Were you suggesting to remove the send method?

Wouldn't something as proposed in http://bugs.ruby-lang.org/issues/5455 help in the long run?

Now I know public_send should not be trusted with arbitrary method names/arguments. Is there even a safe version of send?

=begin
Maybe something like:

class SafeClass
METHOD_SAFE = { :safe_method_1 => true, :safe_method_2 => true }

def safe_send(method, *arguments)
  send(method, *arguments) if METHOD_SAFE[method]
end

end

But this is not completely safe either, because anybody can reopen this class later and change the (({METHOD_SAFE})) constant or even the (({safe_send})) method.
=end