On Tue, Nov 25, 2008 at 10:31 AM, Matt King <[EMAIL PROTECTED]> wrote:
> 2008/11/25 Luis Lavena <[EMAIL PROTECTED]>:
>> Matt,
>>
>> RubyGems is not designed for arbitrary code execution, which will be a
>> security concern.
>>
>> A bad-intentioned gem developer will release a gem that can take
>> advantage of this privilege and perform nasty tasks.
>
> Yes, didn't think of it that way. Makes total sense.
>
>> If you like to have a script marked as executable, why not create a
>> CLI and put it into the bin directory to be mapped by rubygems as
>> executable for you?
>
> Well because it's not something a user will execute at the CLI, it's a
> required executable by the gem itself in order for some functionality
> to work.

By required executable you mean a binary? Or you're calling/shelling
out to another ruby script that you bundle?

If you provide more information (a la: details), it will be much easier
for us to contribute ideas to properly implement this without guessing
:-)

-- 
Luis Lavena
AREA 17
-
Human beings, who are almost unique in having the ability to learn from
the experience of others, are also remarkable for their apparent
disinclination to do so.
Douglas Adams
_______________________________________________
Rubygems-developers mailing list
Rubygems-developers@rubyforge.org
http://rubyforge.org/mailman/listinfo/rubygems-developers
