#!/usr/bin/ruby , #!/usr/bin/ruby -w , #!/usr/bin/ruby -T?, #!/usr/bin/ruby -T1...

A

anne001

""All external data is dangerous. Don't let it close to interfaces that
can modify your system."
http://www.rubycentral.com/book/taint.html

what does #!/usr/bin/ruby -w do?

is #!/usr/bin/ruby -T1 the same as -T with $SAFE=1?

Why not always use -T with a safety level of at least 1?

"Walter should have run his CGI script at a safe level of 1,This would
have raised an exception when the program tried to pass form data to
eval"
In what log file do exceptions show up?

"He could have chosen to implement a proper expression parser,
bypassing the risks inherent in using eval."
Does that mean defining in advance the expressions the use can enter?
like phone systems, do you want agent, billing, etc?
 
T

ts

a> what does #!/usr/bin/ruby -w do?

it make ruby more verbose

moulon% ruby -e 'p (1)'
1
moulon%

moulon% ruby -we 'p (1)'
-e:1: warning: (...) interpreted as grouped expression
1
moulon%

a> is #!/usr/bin/ruby -T1 the same as -T with $SAFE=1?

'#!/usr/bin/ruby -T' is the same than '#!/usr/bin/ruby -T1'

#!/usr/bin/ruby -T1

set $SAFE = 1 when ruby process the argument

a> Why not always use -T with a safety level of at least 1?

Except with -T0, if you use -T you have fatally a safety level of at
least 1
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,734
Messages
2,569,441
Members
44,832
Latest member
GlennSmall

Latest Threads

Top