Bug #9564

closed

Tainted string permitted in Kernel.trap in safe level 1

Added by jrusnack (Jan Rusnacko) over 10 years ago. Updated over 5 years ago.

Status: Rejected
Assignee: -
Target version: -
ruby -v: all?
Backport:
[ruby-core:61080]

Description

According to the existing documentation (I am referring to Programming Ruby: The
Pragmatic Programmer's Guide at http://ruby-doc.com/docs/ProgrammingRuby/ and
The Ruby Programming Language by Flanagan, Matsumoto) Kernel.trap should not
accept a tainted string if $SAFE >= 1.

However, this is true only for $SAFE >= 2; a tainted signal string is accepted
at safe level 1:

signal = "SIGKILL".taint

Thread.start {
  $SAFE = 1
  # no exception
  trap(signal) { puts 'foo' }
}.join

Thread.start {
  $SAFE = 2
  # throws SecurityError
  trap(signal) { puts 'foo' }
}.join
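As an added example (not part of the bug report), a caller-side allowlist for signal names that does not rely on $SAFE or taint tracking, both of which later Ruby versions removed; ALLOWED_SIGNALS, safe_signal_name and install_handler are hypothetical names.

```ruby
# Added example, not the reporter's code: validate a signal name before it
# reaches trap, instead of relying on $SAFE/taint checks.
# ALLOWED_SIGNALS, safe_signal_name and install_handler are hypothetical names.

# Only the signals this program is prepared to handle (constructed list).
ALLOWED_SIGNALS = %w[HUP INT TERM USR1 USR2].freeze

# Normalize "sigterm", " TERM ", "SIGTERM" to the "TERM" form used by Signal.list.
def normalize_signal_name(name)
  name.to_s.strip.upcase.sub(/\ASIG/, "")
end

# Return the normalized name only if the platform knows it and it is
# allowlisted; otherwise raise, so an untrusted string never reaches trap.
def safe_signal_name(name)
  sig = normalize_signal_name(name)
  unless Signal.list.key?(sig)
    raise ArgumentError, "unknown signal #{name.inspect}"
  end
  unless ALLOWED_SIGNALS.include?(sig)
    raise ArgumentError, "signal #{sig} is not permitted"
  end
  sig
end

# Install a handler only for a validated signal name.
def install_handler(name, &handler)
  trap(safe_signal_name(name), &handler)
end

if __FILE__ == $PROGRAM_NAME
  install_handler("SIGTERM") { puts "received TERM" }
  begin
    install_handler("KILL") { puts "never installed" }
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```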
