* object.c: With feedback from Steve Klabnik, reverted a change to
#untrusted? and #tainted?. Also adjusted grammar for $SAFE levels git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40510 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
parent
2068f3cedb
commit
9ef25d883d
@ -1,3 +1,8 @@
|
|||||||
|
Sun Apr 28 10:35:00 2013 Zachary Scott <zachary@zacharyscott.net>
|
||||||
|
|
||||||
|
* object.c: With feedback from Steve Klabnik, reverted a change to
|
||||||
|
#untrusted? and #tainted?. Also adjusted grammar for $SAFE levels
|
||||||
|
|
||||||
Sun Apr 28 10:10:00 2013 Zachary Scott <zachary@zacharyscott.net>
|
Sun Apr 28 10:10:00 2013 Zachary Scott <zachary@zacharyscott.net>
|
||||||
|
|
||||||
* lib/yaml.rb: Disable setting YAML const twice [ruby-core:54642]
|
* lib/yaml.rb: Disable setting YAML const twice [ruby-core:54642]
|
||||||
|
16
object.c
16
object.c
@ -844,7 +844,7 @@ rb_obj_dummy(void)
|
|||||||
* call-seq:
|
* call-seq:
|
||||||
* obj.tainted? -> true or false
|
* obj.tainted? -> true or false
|
||||||
*
|
*
|
||||||
* Returns whether the object is tainted.
|
* Returns true if the object is tainted.
|
||||||
*
|
*
|
||||||
* See #taint for more information.
|
* See #taint for more information.
|
||||||
*/
|
*/
|
||||||
@ -863,18 +863,18 @@ rb_obj_tainted(VALUE obj)
|
|||||||
*
|
*
|
||||||
* Mark the object as tainted.
|
* Mark the object as tainted.
|
||||||
*
|
*
|
||||||
* To check whether an object is tainted, use #tainted?
|
|
||||||
*
|
|
||||||
* Objects that are marked as tainted will be restricted from various built-in
|
* Objects that are marked as tainted will be restricted from various built-in
|
||||||
* methods. This is to prevent insecure data, such as command-line arguments
|
* methods. This is to prevent insecure data, such as command-line arguments
|
||||||
* or strings read from Kernel#gets, from inadvertently compromising the users
|
* or strings read from Kernel#gets, from inadvertently compromising the users
|
||||||
* system.
|
* system.
|
||||||
*
|
*
|
||||||
|
* To check whether an object is tainted, use #tainted?
|
||||||
|
*
|
||||||
* You should only untaint a tainted object if your code has inspected it and
|
* You should only untaint a tainted object if your code has inspected it and
|
||||||
* determined that it is safe. To do so use #untaint
|
* determined that it is safe. To do so use #untaint
|
||||||
*
|
*
|
||||||
* In $SAFE level 3 and 4, all objects are both tainted and untrusted, and the
|
* In $SAFE level 3 and 4, all objects are tainted and untrusted, any use of
|
||||||
* trust and taint methods will both raise a SecurityError exception.
|
* trust or taint methods will raise a SecurityError exception.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
VALUE
|
VALUE
|
||||||
@ -913,7 +913,7 @@ rb_obj_untaint(VALUE obj)
|
|||||||
* call-seq:
|
* call-seq:
|
||||||
* obj.untrusted? -> true or false
|
* obj.untrusted? -> true or false
|
||||||
*
|
*
|
||||||
* Returns whether the object is untrusted.
|
* Returns true if the object is untrusted.
|
||||||
*
|
*
|
||||||
* See #untrust for more information.
|
* See #untrust for more information.
|
||||||
*/
|
*/
|
||||||
@ -941,8 +941,8 @@ rb_obj_untrusted(VALUE obj)
|
|||||||
* You should only trust an untrusted object if your code has inspected it and
|
* You should only trust an untrusted object if your code has inspected it and
|
||||||
* determined that it is safe. To do so use #trust
|
* determined that it is safe. To do so use #trust
|
||||||
*
|
*
|
||||||
* In $SAFE level 3 and 4, all objects are both tainted and untrusted, and the
|
* In $SAFE level 3 and 4, all objects are tainted and untrusted, any use of
|
||||||
* trust and taint methods will both raise a SecurityError exception.
|
* trust or taint methods will raise a SecurityError exception.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
VALUE
|
VALUE
|
||||||
|
Loading…
x
Reference in New Issue
Block a user