U.Nakamura
10/30/2003 12:43:00 AM
Hello,
In message "Re: [BUG] system() isn't safe on win32"
on Oct.30,2003 09:28:09, <matz@ruby-lang.org> wrote:
| |This ruby one-liner
| |
| | ruby -ve "$SAFE = 5; system 'echo Was able to run an arbitrary command
| | in safe mode.'"
| |
| |produces this scary result:
| |
| | ruby 1.8.0 (2003-08-04) [i386-mswin32]
| | Was able to run an arbitrary command in safe mode.
| |
| |IMHO this effectively disables all the security which $SAFE ought to
| |give you and should be fixed in the ruby interpreter.
|
| It shouldn't happen. Does anyone confirm this?
It's bug of mswin32 (and mingw32, bccwin32). Sorry.
I've fixed it on CVS.
Regards,
--
U.Nakamura <usa@osb.att.ne.jp>