#!/usr/bin/ruby , #!/usr/bin/ruby -w , #!/usr/bin/ruby -T?, #!/usr/bin/ruby -T1...

A

anne001

""All external data is dangerous. Don't let it close to interfaces that
can modify your system."
http://www.rubycentral.com/book/taint.html

what does #!/usr/bin/ruby -w do?

is #!/usr/bin/ruby -T1 the same as -T with $SAFE=1?

Why not always use -T with a safety level of at least 1?

"Walter should have run his CGI script at a safe level of 1,This would
have raised an exception when the program tried to pass form data to
eval"
In what log file do exceptions show up?

"He could have chosen to implement a proper expression parser,
bypassing the risks inherent in using eval."
Does that mean defining in advance the expressions the use can enter?
like phone systems, do you want agent, billing, etc?
 
T

ts

a> what does #!/usr/bin/ruby -w do?

it make ruby more verbose

moulon% ruby -e 'p (1)'
1
moulon%

moulon% ruby -we 'p (1)'
-e:1: warning: (...) interpreted as grouped expression
1
moulon%

a> is #!/usr/bin/ruby -T1 the same as -T with $SAFE=1?

'#!/usr/bin/ruby -T' is the same than '#!/usr/bin/ruby -T1'

#!/usr/bin/ruby -T1

set $SAFE = 1 when ruby process the argument

a> Why not always use -T with a safety level of at least 1?

Except with -T0, if you use -T you have fatally a safety level of at
least 1
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top