1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

* object.c: With feedback from Steve Klabnik, reverted a change to

Browse Source 
#untrusted? and #tainted?. Also adjusted grammar for $SAFE levels


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40510 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
zzak 2013-04-28 01:35:56 +00:00
parent 2068f3cedb
commit 9ef25d883d
2 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -1,3 +1,8 @@
Sun Apr 28 10:35:00 2013 Zachary Scott <zachary@zacharyscott.net>
* object.c: With feedback from Steve Klabnik, reverted a change to
#untrusted? and #tainted?. Also adjusted grammar for $SAFE levels
Sun Apr 28 10:10:00 2013 Zachary Scott <zachary@zacharyscott.net> Sun Apr 28 10:10:00 2013 Zachary Scott <zachary@zacharyscott.net>
* lib/yaml.rb: Disable setting YAML const twice [ruby-core:54642] * lib/yaml.rb: Disable setting YAML const twice [ruby-core:54642]

16
object.c
View File

@ -844,7 +844,7 @@ rb_obj_dummy(void)
* call-seq: * call-seq:
* obj.tainted? -> true or false * obj.tainted? -> true or false
* *
* Returns whether the object is tainted. * Returns true if the object is tainted.
* *
* See #taint for more information. * See #taint for more information.
*/ */
@ -863,18 +863,18 @@ rb_obj_tainted(VALUE obj)
* *
* Mark the object as tainted. * Mark the object as tainted.
* *
* To check whether an object is tainted, use #tainted?
*
* Objects that are marked as tainted will be restricted from various built-in * Objects that are marked as tainted will be restricted from various built-in
* methods. This is to prevent insecure data, such as command-line arguments * methods. This is to prevent insecure data, such as command-line arguments
* or strings read from Kernel#gets, from inadvertently compromising the users * or strings read from Kernel#gets, from inadvertently compromising the users
* system. * system.
* *
* To check whether an object is tainted, use #tainted?
*
* You should only untaint a tainted object if your code has inspected it and * You should only untaint a tainted object if your code has inspected it and
* determined that it is safe. To do so use #untaint * determined that it is safe. To do so use #untaint
* *
* In $SAFE level 3 and 4, all objects are both tainted and untrusted, and the * In $SAFE level 3 and 4, all objects are tainted and untrusted, any use of
* trust and taint methods will both raise a SecurityError exception. * trust or taint methods will raise a SecurityError exception.
*/ */
VALUE VALUE
@ -913,7 +913,7 @@ rb_obj_untaint(VALUE obj)
* call-seq: * call-seq:
* obj.untrusted? -> true or false * obj.untrusted? -> true or false
* *
* Returns whether the object is untrusted. * Returns true if the object is untrusted.
* *
* See #untrust for more information. * See #untrust for more information.
*/ */
@ -941,8 +941,8 @@ rb_obj_untrusted(VALUE obj)
* You should only trust an untrusted object if your code has inspected it and * You should only trust an untrusted object if your code has inspected it and
* determined that it is safe. To do so use #trust * determined that it is safe. To do so use #trust
* *
* In $SAFE level 3 and 4, all objects are both tainted and untrusted, and the * In $SAFE level 3 and 4, all objects are tainted and untrusted, any use of
* trust and taint methods will both raise a SecurityError exception. * trust or taint methods will raise a SecurityError exception.
*/ */
VALUE VALUE