diff --git a/ChangeLog b/ChangeLog
index f677f8cc22..6017976d29 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Thu Jun 26 17:43:41 2008  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* variable.c (rb_f_trace_var): should not be allowed at safe level 4.  
+	  a patch from Keita Yamaguchi <keita.yamaguchi@gmail.com>.
+
 Thu Jun 26 11:04:30 2008  Eric Hodel  <drbrain@segment7.net>
 
 	* lib/rubygems: Update to RubyGems 1.2.0 r1824.  Incorporates patch by
diff --git a/variable.c b/variable.c
index 3185d8a3c6..b5049afae7 100644
--- a/variable.c
+++ b/variable.c
@@ -594,6 +594,7 @@ rb_f_untrace_var(int argc, VALUE *argv)
     struct trace_var *trace;
     st_data_t data;
 
+    rb_secure(4);
     rb_scan_args(argc, argv, "11", &var, &cmd);
     id = rb_to_id(var);
     if (!st_lookup(rb_global_tbl, id, &data)) {