ruby-dev summary 21730-21822

Minero Aoki

Hi all,

This is a summary of recent ruby-dev ML activity.


[ruby-dev:21616] access ENV on $SAFE==4 (contd.)

From the previous ruby-dev summary ([ruby-talk:84412]):

Hidetoshi NAGAI found that the Safe interpreter of Tcl/Tk
does not allow references to some environment information,
such as env, OS, library and so on. And he asked
whether we should forbid the use of ENV, RUBY_PLATFORM
and $LOAD_PATH when $SAFE=4.

Hidetoshi NAGAI posted a summary of the thread in [ruby-dev:21804].
This entry is an incomplete translation of his summary.

* $LOAD_PATH

$LOAD_PATH cannot be referred to nor modified when $SAFE>=4.

* ENV

The following new methods are introduced.
`insecure' means $SAFE>=4 in this document.

: ENV.allow_insecure_ref(varname)

Enables insecure programs to refer to the VARNAME environment
variable.
Raises SecurityError if this method is called on $SAFE>=4.

By default, even insecure programs can refer to all the
environment variables for backward compatibility.

: ENV.deny_insecure_ref(varname)

Prevents insecure programs from referring to the VARNAME environment
variable.
Raises SecurityError if this method is called on $SAFE>=4.

: ENV.insecure_ref_allowed?(varname) -> bool

Returns true if insecure programs can refer to the VARNAME environment
variable.
Raises SecurityError if this method is called on $SAFE>=4.

: ENV.insecure_ref_denied?(varname) -> bool

Returns true unless insecure programs can refer to the VARNAME environment
variable.
Raises SecurityError if this method is called on $SAFE>=4.

: ENV.insecure_ref_allowings -> [String]

Returns a list of environment variable names that insecure
programs can refer to.
Raises SecurityError if this method is called on $SAFE>=4.

: ENV.insecure_ref_denyings -> [String]

Returns a list of environment variable names that insecure
programs cannot refer to.
Raises SecurityError if this method is called on $SAFE>=4.

* Module

The following new methods are introduced.
`insecure' means $SAFE>=4 in this document.

: Module#allow_insecure_ref(constname)

Enables insecure programs to refer to the CONSTNAME constant.
Raises SecurityError if this method is called on $SAFE>=4.

: Module#deny_insecure_ref(constname)

Prevents insecure programs from referring to the CONSTNAME constant.
Raises SecurityError if this method is called on $SAFE>=4.

: Module#insecure_ref_allowed?(constname) -> bool

Returns true if insecure programs can refer to the CONSTNAME
constant.
Raises SecurityError if this method is called on $SAFE>=4.

: Module#insecure_ref_denied?(constname)

Returns true unless insecure programs can refer to the CONSTNAME
constant.
Raises SecurityError if this method is called on $SAFE>=4.

: Module#insecure_ref_allowings -> [String]

Returns a list of constant names which insecure programs
can refer to.
Raises SecurityError if this method is called on $SAFE>=4.

: Module#insecure_ref_denyings -> [String]

Returns a list of constant names which are hidden from
insecure programs.
Raises SecurityError if this method is called on $SAFE>=4.

* RUBY_PLATFORM, PLATFORM

Object.deny_insecure_ref(:RUBY_PLATFORM) and
Object.deny_insecure_ref(:PLATFORM) are the default.
These constants are invisible to insecure programs.


Matz agreed with him on the concept, but we still need better
method names.
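
The ENV part of the proposal, modelled as an added Ruby example (not code from the thread or from Ruby itself). GuardedEnv and as_insecure are hypothetical names, an explicit flag stands in for $SAFE>=4 (which current Ruby no longer provides), and a denied lookup is assumed to raise SecurityError, which the summary does not specify.

```ruby
# Added illustration of the proposed ENV allow/deny policy (hypothetical class).
class GuardedEnv
  def initialize(env)
    @env = env         # Hash of variables, e.g. ENV.to_h
    @denied = {}       # names hidden from insecure code
    @insecure = false  # stands in for $SAFE >= 4
  end

  # Runs the block at the "insecure" level and restores the level afterwards.
  def as_insecure
    prev, @insecure = @insecure, true
    yield self
  ensure
    @insecure = prev
  end

  # Every variable is allowed until denied (the backward-compatible default).
  def allow_insecure_ref(name)
    trusted_only!
    @denied.delete(name)
  end

  def deny_insecure_ref(name)
    trusted_only!
    @denied[name] = true
  end

  def insecure_ref_allowed?(name)
    trusted_only!
    !@denied.key?(name)
  end

  def insecure_ref_denyings
    trusted_only!
    @denied.keys
  end

  # Assumption: a denied lookup raises rather than returning nil.
  def [](name)
    raise SecurityError, "insecure reference to #{name}" if @insecure && @denied.key?(name)
    @env[name]
  end

  private
  # Policy methods raise SecurityError when called from insecure code.
  def trusted_only!
    raise SecurityError, "not permitted for insecure code" if @insecure
  end
end
```

Trusted code calls `deny_insecure_ref("DB_PASSWORD")`; inside `as_insecure`, a lookup of that name raises while other variables stay readable. The class models the policy only and does not isolate the block from the object's internals.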

[ruby-dev:21707] drb Hash#each

Matz found that the Hash#each test case of dRuby failed on the
latest ruby. The reason for this failure is the feature mismatch
between yield([k,v]) and Proc#call([k,v]):

% cat t
def m1
  yield [1,2]
end
m1 {|k,v| p [k,v] }

def m2( &block )
  block.call([1,2])
end
m2 {|k,v| p [k,v] }


% ruby -v t
ruby 1.8.1 (2003-10-26) [i686-linux]
[1, 2]
[[1, 2], nil]

Matz finally changed the Proc#call behavior, so now yield and Proc#call
produce the same results:

% ruby -v t
ruby 1.8.1 (2003-11-04) [i686-linux]
[1, 2]
[1, 2]


[ruby-dev:21794] rb_iter_break() on ruby 1.8.1p2

MURATA Kenta reported that ruby 1.8.1p2 broke the following program:

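#include <ruby.h>

/* Ahi#ahi: yields to the caller's block and returns the block's value. */
static VALUE
ahi_ahi(VALUE obj)
{
    return rb_yield(Qnil);
}

/* Ahi#abort: calls rb_iter_break() from a method frame other than the one
   running the block; this is the call that raises LocalJumpError. */
static VALUE
ahi_abort(VALUE obj)
{
    rb_iter_break();
    return Qnil;    /* not reached */
}

void
Init_ahi(void)
{
    VALUE cAhi = rb_define_class("Ahi", rb_cObject);
    rb_define_method(cAhi, "ahi", ahi_ahi, 0);
    rb_define_method(cAhi, "abort", ahi_abort, 0);
}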

If you compile this extension and execute it, ruby will exit with
status 1:

$ ruby -rahi -e "a = Ahi.new; a.ahi { a.abort }"
-e:1:in `abort': unexpected break (LocalJumpError)
from -e:1
from -e:1:in `ahi'
from -e:1

This is because rb_iter_break() is called in a different method frame
from the one in which the block is running. For this kind of purpose, you
should use rb_catch() and rb_throw(). These APIs are described in
the Pickaxe (page 195).

For the "right" usage of rb_iter_break(), see enum.c.
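
The catch/throw approach recommended above, shown at the Ruby level as an added example (not code from the thread). Kernel#catch and Kernel#throw are the Ruby-side counterparts of rb_catch() and rb_throw(); the tag name and ahi_demo are made up for this illustration.

```ruby
# Added illustration: the Ahi class rewritten with catch/throw so that
# "abort" can end the iteration from a different method frame.
class Ahi
  TAG = :ahi_abort  # hypothetical tag name

  # Runs the block inside a catch frame, so a throw from any method the
  # block calls unwinds back to this point.
  def ahi
    catch(TAG) do
      yield
      :completed
    end
  end

  # Called from inside the block, i.e. from another method frame than the
  # one that yielded. throw unwinds to the matching catch.
  def abort
    throw TAG, :aborted
  end
end

# Returns [value of the aborted call, cleanup log, value of a normal call].
def ahi_demo
  log = []
  a = Ahi.new
  aborted = a.ahi do
    begin
      a.abort
      log << :not_reached
    ensure
      log << :cleanup   # ensure clauses still run while throw unwinds
    end
  end
  [aborted, log, a.ahi { 1 }]
end
```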

[ruby-dev:21816] "this method is deprecated" warning messages

Koji Arai reported that some warning messages are not printed on
ruby 1.8.1 preview 1. The corresponding warning messages are:

% ruby-1.8.0 -e "{1=>'a', 2=>'b', 3=>'c'}.select(1,2,3)"
-e:1: warning: Hash#select(key..) is deprecated; use Hash#values_at

% ruby-1.8.0 -e '"foo" =~ "foo"'
-e:1: warning: string =~ string will be obsolete; use explicit regexp

% ruby-1.8.0 -e '$_ = "foo"; p ~"foo"'
-e:1: warning: ~string will be obsolete; use explicit regexp

Matz decided to remove Hash#select from 1.8.1 with the warning message.
(str =~ str and ~str remain even in 1.8.1.)


-- Minero Aoki

Special Thanks: SugHimsi, U.Nakamura, Hiroharu Sugawara, Akinori MUSHA
 
