Javier Valencia
2/22/2005 8:38:00 PM
James G. Britt wrote:
>On Wed, 23 Feb 2005 04:32:18 +0900, Javier Valencia <jvalencia@log01.org> wrote:
>
>
>>Have any of you run amrita on mod_ruby?
>>
>>it gives me lots of "SecurityError" problems, and modifying ruby safe
>>level on mod_ruby config doesn't work.
>>
>>
>
>My recollection of working with mod_ruby is that I had some issues
>with tainted strings. I had to explicitly untaint or dupe strings to
>get around things. (I am not advocating this though; I cannot assure
>you that it won't lead to actual security issues, but I was happy when
>I ran www.rubyxml.com under mod_ruby.)
>
>
>
>
My problem is that SecurityError is raised from amrita code, not mine.
Is that a coding error? should i submit a bug?
>>I'm using now REXML, but it's a lot of code to generate a relative
>>simple html page.
>>
>>
>
>You may do better with XMLBuilder.
>
>James
>
>
>
I use gentoo, and XMLBuilder is only available as a gem, rubygems is
marked unstable in my distribution, but i'll give it a try going to the
great world of unstable things.