SAFE and tainting go hand in hand as perhaps the sole security mechanism
in Ruby. When at various SAFE levels, you can't eval code, modify arrays
and other objects, open files and sockets, and so on. There are 5 safe
levels, increasingly more restrictive.

Except that SAFE and tainting don't work correctly in JRuby, probably
will never work correctly, add a bunch of overhead and security checks,
and are unlikely to actually be SAFE even if they were ever implemented
to the letter of the law.

I'd like to remove both SAFE and tainting.

Sure, they'd still be there...we're not going to alter APIs or anything.
But they won't do anything. And we won't have to check them in the
gazillion places we check them.

Thoughts on this? I know it's come up before, but with 1.0 out we can
start to do these kinds of changes. I'd like to get some buy-in from
other impls too...perhaps if they agree it's a good idea, we'd get less
hassle for changing it.

(I know Evan of Rubinius is already on board)

- Charlie