David Vallner
2/12/2006 8:13:00 PM
On Sunday 12 February 2006 14:54 Tom Allison wrote:
> Is there somewhere I can find some description on the proper care and
> feeding of Ruby SafeLevels?
>
> I was going to start looking into Rails, but the notion of SafeLevel = 0
> being a requirement is kind of a "really bad idea" (Assumption: this is
> still valid for mod_ruby) in my opinion.
>
> But it can still be useful to work under CGI (again, assuming the SafeLevel
> can be >0) and not worry about doing something fundamentally dumb.
>
> From a Perl background much of this makes wonderful sense until I get to
> the SafeLevel of a tainted object. How do you cleanse such a beast?
> Untainting strings is trivial, but larger objects... My Perl background
> fails me at this point.
irb(main):001:0> require 'ostruct'
=> true
irb(main):002:0> foo = OpenStruct.new
=> <OpenStruct>
irb(main):003:0> foo.tainted?
=> false
irb(main):004:0> foo.bar = gets
quux
=> "quux\n"
irb(main):005:0> foo.bar.tainted?
=> true
irb(main):006:0> foo.tainted?
=> false

irb(main):001:0> foo = gets
bar
=> "bar\n"
irb(main):002:0> "foo = #{foo}"
=> "foo = bar\n"
irb(main):003:0> _.tainted?
=> true
irb(main):004:0> foo = gets
%s
=> "%s\n"
irb(main):005:0> foo % "bar"
=> "bar\n"
irb(main):006:0> _.tainted?
=> true
irb(main):007:0>
Whether an object is tainted or not depends on the class of the object. By
default, all objects are untainted unless you decide to taint them. If Rails
provides you with a tainted object, it's your responsibility to sanitize its
attributes, and then call #untaint on it.
There's usually no magic involved in deciding whether an object is or isn't
tainted, short of the well-known tainting of strings from user input, and any
strings resulting from interpolation of these with or into other strings.
David Vallner
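The "sanitize each attribute, then untaint" pattern from the reply above, as an added example that is not part of the original post: every attribute of an OpenStruct built from user input is checked against an explicit whitelist rule before anything is untainted, and the rule table and sample input are constructed for this example. The taint API itself is only called where it still exists (Ruby 3.2 removed it), so the validation is what actually carries the guarantee.

```ruby
require 'ostruct'

# Raised on the first attribute that fails validation, so a partially
# cleaned object never makes it back to the caller.
class UnsafeAttribute < StandardError; end

# Whitelist rules: attribute name => Regexp the whole value must match.
# Constructed for this example; a real application defines its own.
RULES = {
  name:  /\A[A-Za-z][A-Za-z .'-]{0,63}\z/,
  email: /\A[\w.+-]+@[\w-]+(\.[\w-]+)+\z/,
  age:   /\A\d{1,3}\z/
}.freeze

# Returns a new OpenStruct whose attributes are validated copies of the
# input's attributes. Attributes without a rule are rejected outright
# rather than silently passed through.
def sanitize_struct(struct, rules = RULES)
  clean = OpenStruct.new
  struct.each_pair do |attr, value|
    rule = rules[attr]
    raise UnsafeAttribute, "no rule for #{attr}" unless rule
    value = value.to_s.chomp          # gets leaves the trailing newline
    raise UnsafeAttribute, "#{attr} rejected" unless value.match?(rule)
    # Only now is it legitimate to drop the taint flag; on Rubies where
    # the taint API no longer exists this is simply skipped.
    value.untaint if value.respond_to?(:untaint)
    clean[attr] = value
  end
  clean.untaint if clean.respond_to?(:untaint)
  clean
end

# Constructed sample input standing in for values read with gets.
def demo
  input = OpenStruct.new(name: "Tom Allison\n",
                         email: "tom@example.com\n",
                         age: "42\n")
  sanitize_struct(input)
end
```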