[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

mod_ruby, require, and $SAFE

yermej

1/22/2007 5:19:00 PM

When running under mod_ruby with the default $SAFE == 1, a file
containing only this:

require 'active_record'

will give a 500 response with the error:

mod_ruby: error in ruby
mod_ruby: /usr/lib64/ruby/site_ruby/1.8/rubygems/source_index.rb:73:in
`read': Insecure operation - read (SecurityError)
mod_ruby: from
/usr/lib64/ruby/site_ruby/1.8/rubygems/source_index.rb:73:in
`load_specification'
mod_ruby: from
/usr/lib64/ruby/site_ruby/1.8/rubygems/source_index.rb:45:in
`from_installed_gems'
mod_ruby: from
/usr/lib64/ruby/site_ruby/1.8/rubygems/source_index.rb:44:in
`from_installed_gems'
mod_ruby: from
/usr/lib64/ruby/site_ruby/1.8/rubygems/source_index.rb:63:in
`from_installed_gems'
mod_ruby: from /usr/lib64/ruby/site_ruby/1.8/rubygems.rb:79:in
`source_index'
mod_ruby: from
/usr/lib64/ruby/site_ruby/1.8/rubygems/custom_require.rb:105:in
`init_gemspecs'
mod_ruby: from
/usr/lib64/ruby/site_ruby/1.8/rubygems/custom_require.rb:50:in
`initialize'
mod_ruby: from
/usr/lib64/ruby/site_ruby/1.8/rubygems/custom_require.rb:24:in
`require'
mod_ruby: from /home/user/public_html/lvs/cgi/safe_test.rbx:1
mod_ruby: from /usr/lib64/ruby/1.8/apache/ruby-run.rb:53:in `handler'

I think this is happening because whatever is loaded from active_record
is tainted and then can't be used to do the requires that active_record
needs to do. That could be way off though.

I'm aware of the RubySafeLevel apache directive, but is there a
reasonable way to keep $SAFE == 1 and still be able to require
active_record?

Thanks,
Jeremy
10 Answers

Eric Hodel

1/22/2007 7:18:00 PM

0

On Jan 22, 2007, at 09:20, yermej@gmail.com wrote:

> When running under mod_ruby with the default $SAFE == 1, a file
> containing only this:
>
> require 'active_record'
>
> will give a 500 response with the error:
>
> mod_ruby: error in ruby
> mod_ruby: /usr/lib64/ruby/site_ruby/1.8/rubygems/source_index.rb:73:in
> `read': Insecure operation - read (SecurityError)
>
> I think this is happening because whatever is loaded from
> active_record
> is tainted and then can't be used to do the requires that
> active_record
> needs to do. That could be way off though.
>
> I'm aware of the RubySafeLevel apache directive, but is there a
> reasonable way to keep $SAFE == 1 and still be able to require
> active_record?

What version of RubyGems are you using?

--
Eric Hodel - drbrain@segment7.net - http://blog.se...

I LIT YOUR GEM ON FIRE!

yermej

1/22/2007 7:45:00 PM

0

Eric Hodel wrote:
> What version of RubyGems are you using?

$ gem --version
shows 0.8.11

Jeremy

yermej

1/22/2007 8:23:00 PM

0

yermej@gmail.com wrote:
> Eric Hodel wrote:
> > What version of RubyGems are you using?
>
> $ gem --version
> shows 0.8.11

I just update RubyGems and now everything in my original script is
working fine. If you don't mind, could you give me a bit of detail
about what went wrong and what was changed in later versions of Gems?
To satisfy my curiosity more than anything.

Thanks for the suggestion.

Jeremy

yermej

1/22/2007 8:24:00 PM

0

yermej@gmail.com wrote:
> Eric Hodel wrote:
> > What version of RubyGems are you using?
>
> $ gem --version
> shows 0.8.11

I just updated RubyGems and now everything in my original script is
working fine. If you don't mind, could you give me a bit of detail
about what went wrong and what was changed in later versions of Gems?
To satisfy my curiosity more than anything.

Thanks for the suggestion.

Jeremy

Eric Hodel

1/22/2007 9:22:00 PM

0

On Jan 22, 2007, at 12:25, yermej@gmail.com wrote:
> yermej@gmail.com wrote:
>> Eric Hodel wrote:
>>> What version of RubyGems are you using?
>>
>> $ gem --version
>> shows 0.8.11
>
> I just updated RubyGems and now everything in my original script is
> working fine. If you don't mind, could you give me a bit of detail
> about what went wrong and what was changed in later versions of Gems?
> To satisfy my curiosity more than anything.

I added $SAFE = 1 support to RubyGems in 0.9.0. Before that RubyGems
didn't untaint objects and was incapable of working.

--
Eric Hodel - drbrain@segment7.net - http://blog.se...

I LIT YOUR GEM ON FIRE!

Michael Ejercito

12/7/2012 11:25:00 PM

0

On Dec 7, 8:18 am, The Revd <peel...@degenerate.Grik> wrote:
> On Fri, 7 Dec 2012 07:34:37 -0800 (PST), Michael Ejercito
>
>
>
>
> <mejer...@hotmail.com> wrote:
> >On Dec 6, 9:18 pm, The Revd <peel...@degenerate.Grik> wrote:
> >> On Thu, 6 Dec 2012 17:55:23 -0800 (PST), Michael Ejercito
>
> >> <mejer...@hotmail.com> wrote:
> >> > Wrong, sperm breath.
>
> >> WE decide what's wrong, rectum breath.
> >   Boy, you are such a cock breath.
>
> Gook, you are such a rectum breath...and a stupid cunt.
Jizz breath, you are such a nithing.

>
> I bet you just can't wait to get your Statue of Liberty costume at the
> end of January!  If you're REALLY lucky, you'll get assigned to the
> tax preparation booth at the local WalMart!  LOL
You mean like work for a living?

What Nazi nithing is familiar with that?

The following ballad was dedicated to me.

http://groups.google.com/group/soc.veterans/msg/2a544b...

Well Michael is the guardian angel of Israel,
He tackles the anti-Semites that stink and smell,
He attacks them for what they are,
And he’s not a drunk sitting in a bar,
He rebuffs the Nazi and heathen scum,
He a clean sort of fellow and not a bum.
He’s courageous and brave as can be,
And he chastises the Revd for jacking his pee-pee.
Now we all know Michael is a good guy,
As we laugh at the anti-Semitics that step in cow-pie.
Well Michael Ejercito is an honorable man,
As he out smarts the Nazis of the Klu-Klux-Klan.
If he is a Jew or if he’s not,
He’s unlike the Revd that jacks his pecker snot.
Yes Michael seems to be a pretty good dude,
His mind is clean but the Revd’s is lude.
Michael we’re glad you’re on our side,
You’re a good example of Jewish pride.
The anti-Semites and the Huns are mad,
However, Michael when you post you makes people feel glad.
Dear Mike, Keep up the good work and remain well in mind and body,
While the Revd jacks his meat and washes in his pody.
Well that is all I have to say about Michael Ejercito the Gebor (???)
The Revd is a homo and his wife is a whore.

The Revd

12/8/2012 12:36:00 AM

0

On Fri, 7 Dec 2012 15:25:08 -0800 (PST), Michael Ejercito
<mejercit@hotmail.com> wrote:

>On Dec 7, 8:18?am, The Revd <peel...@degenerate.Grik> wrote:
>> On Fri, 7 Dec 2012 07:34:37 -0800 (PST), Michael Ejercito
>>
>>
>>
>>
>> <mejer...@hotmail.com> wrote:
>> >On Dec 6, 9:18 pm, The Revd <peel...@degenerate.Grik> wrote:
>> >> On Thu, 6 Dec 2012 17:55:23 -0800 (PST), Michael Ejercito
>>
>> >> <mejer...@hotmail.com> wrote:
>> >> > Wrong, sperm breath.
>>
>> >> WE decide what's wrong, rectum breath.
>> > ? Boy, you are such a cock breath.
>>
>> Gook, you are such a rectum breath...and a stupid cunt.
> Jizz breath, you are such a nithing.

Diarrhoea breath, you are such a stupid cunt.

>>
>> I bet you just can't wait to get your Statue of Liberty costume at the
>> end of January! ?If you're REALLY lucky, you'll get assigned to the
>> tax preparation booth at the local WalMart! ?LOL
> You mean like work for a living?

WE aks the questions, gook.

Michael Ejercito

12/8/2012 2:35:00 AM

0

On Dec 7, 4:36 pm, The Revd <peel...@degenerate.Grik> wrote:
> On Fri, 7 Dec 2012 15:25:08 -0800 (PST), Michael Ejercito
>
>
>
>
>
>
>
>
>
> <mejer...@hotmail.com> wrote:
> >On Dec 7, 8:18 am, The Revd <peel...@degenerate.Grik> wrote:
> >> On Fri, 7 Dec 2012 07:34:37 -0800 (PST), Michael Ejercito
>
> >> <mejer...@hotmail.com> wrote:
> >> > Boy, you are such a cock breath.
>
> >> Gook, you are such a rectum breath...and a stupid cunt.
> >  Jizz breath, you are such a nithing.
>
> Diarrhoea breath, you are such a stupid cunt.
Boy, you are such a peter breath.

>
>
>
> >> I bet you just can't wait to get your Statue of Liberty costume at the
> >> end of January! If you're REALLY lucky, you'll get assigned to the
> >> tax preparation booth at the local WalMart! LOL
> >   You mean like work for a living?
>
> WE aks the questions, gook.
WE are not surprised that YOU failed to answer OUR question.

The following ballad was dedicated to your kind.

http://groups.google.com/group/soc.veterans/msg/11f6b2...

THE BALLAD OF THE ANTI-SEMITE

Sometimes they’re black sometimes they’re white,
But they’re always an asshole wanting to fight.
Well they hate the Jew for no good reason at all,
They stink, they smell, and they jack-off in the hall.
Well they’re stupid sons the bitches that they are,
They play with their dicks in the front seat of a car,
Most are Muslim and some are German Huns,
Their asses are big and fat and they look like hog buns.
Their hatred is a weakness on all mankind,
Most of them are prejudice and they seem to be blind.
They say they aren’t queer but you know they’re telling a lie,
They’re filthy and nasty and they step in fresh cowpie.
The Aryans and Muslims are anti-Semites to tell,
Both have a stink yes both do smell.
They’re not very courageous they’re pussies to be,
And they all suffer from having a little pee-pee.
Their women are ugly and look like my ass,
They stick their nose down where the dog pissed on the grass.
Well that is all I have to say,
About the anti-Semite gay.

NoSpamAtAll

12/8/2012 10:10:00 AM

0

In article <jq25c8decdpr1n0t4e2teulsan24e2hb71@4ax.com>,
The Revd <peeling@degenerate.Grik> wrote:

> WE aks the questions

The only question YOU ask, cocksucking limey bastard
that you are, is: "Ahmed, can I swallow now? Samir
is waiting!".

The Revd

12/8/2012 12:03:00 PM

0

On Sat, 8 Dec 2012 10:09:46 +0000 (UTC), SmallHernia/HQ/NoSpamAtAll
<spamnot@not.home> wrote:

>In article <jq25c8decdpr1n0t4e2teulsan24e2hb71@4ax.com>,
>The Revd <peeling@degenerate.Grik> wrote:
>
>> WE aks the questions
>
>The only question WE ask, cocksucking jew bastards
>that we are, is: "Ahmed, can I swallow now? Samir
>is waiting!".

And I'm sure you aks that a lot, jewboi!