I will modify rubycomplete so that it doesn't load anything from the current buffer by default. This will limit completion to the default environment objects. rubycomplete does not seem to work with $SAFE > 3.
As a note, sorry about the lag, I missed this thread until Bram brought it to my attention. --mark <(07/06/06 08:09) Martin Povoln> > Nikolai Weibull wrote: > >On 6/6/06, Martin Povolný <[EMAIL PROTECTED]> wrote: > >>Nikolai Weibull wrote: > >>> On 6/6/06, Martin Povolný <[EMAIL PROTECTED]> wrote: > >>> > require 'a' > > > >>> Here's where it happens. It will actually require 'a' so that it > >>> knows about the stuff in that file. $SAFE _may_ be a solution. > > > >>I understand how and why it happends. I report that it is a > >>_security_problem_ and it should be fixed. > > > >Oh, excuse me; I feel so silly for trying to clarify the situation for > >everyone else. What was I thinking? > > > > Well I didn't mean to run into you, sorry if I did. I'm not a native > speaker so I don't get all information between lines. I think what you > have written is obvious and it's even documented in the VIM help. Node > "ft-ruby-omni" says: > > Notes: > - Vim will load/evaluate code in order to provide completions. > This may cause some code execution, which may be a concern. > > I expected people on this list to know more then I about all this and > therefor read your message as addressed to me. > > Anyway no need for irony. Lets focus on the problem. > > -- > Mgr. Martin Povolný, soLNet, s.r.o., > +420777714458, [EMAIL PROTECTED] > -- Those the gods wish to destroy they call promising.
pgpHNw5VgGuim.pgp
Description: PGP signature
