Would this solution be able to to cross implentations of Ruby?
Nick Sieger-2 wrote: > > On 6/28/07, Thomas E Enebo <[EMAIL PROTECTED]> wrote: >> I say chuck it out since we are not even close to being correct in >> this area. It gives a false sense of security. In fact, I wonder >> what sort of audit MRI goes through to demonstrate that safe/taint is >> working. As far as I can tell tainting is really tough to get right >> and keep right. >> >> The Drb mention below makes me think we need to come up with a >> creative solution to replace it (using Java's security mechanism in >> some way). I am hoping some enterprising community member who cares >> about this will help find the true path... > > Actually, I'm thinking the right path would be to promote > sandbox/javasand. We just need to polish it up and get some examples > out there on how to secure a real-world application with it. _eric's > irc bot is one example. > > /Nick > > --------------------------------------------------------------------- > To unsubscribe from this list please visit: > > http://xircles.codehaus.org/manage_email > > > -- View this message in context: http://www.nabble.com/Ditching-SAFE-and-tainting-tf3989911.html#a11362685 Sent from the JRuby - Dev mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe from this list please visit: http://xircles.codehaus.org/manage_email
