ruby-changes:29207
From: shugo <ko1@a...>
Date: Wed, 12 Jun 2013 23:21:29 +0900 (JST)
Subject: [ruby-changes:29207] shugo:r41259 (trunk): * safe.c (rb_set_safe_level, safe_setter): raise an ArgumentError
shugo 2013-06-12 23:20:51 +0900 (Wed, 12 Jun 2013) New Revision: 41259 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=41259 Log: * safe.c (rb_set_safe_level, safe_setter): raise an ArgumentError when $SAFE is set to 4. $SAFE=4 is now obsolete. [ruby-core:55222] [Feature #8468] * object.c (rb_obj_untrusted, rb_obj_untrust, rb_obj_trust): Kernel#untrusted?, untrust, and trust are now deprecated. Their behavior is same as tainted?, taint, and untaint, respectively. * include/ruby/ruby.h (OBJ_UNTRUSTED, OBJ_UNTRUST): OBJ_UNTRUSTED() and OBJ_UNTRUST() are aliases of OBJ_TAINTED() and OBJ_TAINT(), respectively. * array.c, class.c, debug.c, dir.c, encoding.c, error.c, eval.c, ext/curses/curses.c, ext/dbm/dbm.c, ext/dl/cfunc.c, ext/dl/cptr.c, ext/dl/dl.c, ext/etc/etc.c, ext/fiddle/fiddle.c, ext/fiddle/pointer.c, ext/gdbm/gdbm.c, ext/readline/readline.c, ext/sdbm/init.c, ext/socket/ancdata.c, ext/socket/basicsocket.c, ext/socket/socket.c, ext/socket/udpsocket.c, ext/stringio/stringio.c, ext/syslog/syslog.c, ext/tk/tcltklib.c, ext/win32ole/win32ole.c, file.c, gc.c, hash.c, io.c, iseq.c, load.c, marshal.c, object.c, proc.c, process.c, random.c, re.c, safe.c, string.c, thread.c, transcode.c, variable.c, vm_insnhelper.c, vm_method.c, vm_trace.c: remove code for $SAFE=4. * test/dl/test_dl2.rb, test/erb/test_erb.rb, test/readline/test_readline.rb, test/readline/test_readline_history.rb, test/ruby/test_alias.rb, test/ruby/test_array.rb, test/ruby/test_dir.rb, test/ruby/test_encoding.rb, test/ruby/test_env.rb, test/ruby/test_eval.rb, test/ruby/test_exception.rb, test/ruby/test_file_exhaustive.rb, test/ruby/test_hash.rb, test/ruby/test_io.rb, test/ruby/test_method.rb, test/ruby/test_module.rb, test/ruby/test_object.rb, test/ruby/test_pack.rb, test/ruby/test_rand.rb, test/ruby/test_regexp.rb, test/ruby/test_settracefunc.rb, test/ruby/test_struct.rb, test/ruby/test_thread.rb, test/ruby/test_time.rb: remove tests for $SAFE=4. Modified files: trunk/ChangeLog trunk/array.c trunk/class.c trunk/debug.c trunk/dir.c trunk/encoding.c trunk/error.c trunk/eval.c trunk/ext/curses/curses.c trunk/ext/dbm/dbm.c trunk/ext/dl/cfunc.c trunk/ext/dl/cptr.c trunk/ext/dl/dl.c trunk/ext/etc/etc.c trunk/ext/fiddle/fiddle.c trunk/ext/fiddle/pointer.c trunk/ext/gdbm/gdbm.c trunk/ext/readline/readline.c trunk/ext/sdbm/init.c trunk/ext/socket/ancdata.c trunk/ext/socket/basicsocket.c trunk/ext/socket/socket.c trunk/ext/socket/udpsocket.c trunk/ext/stringio/stringio.c trunk/ext/syslog/syslog.c trunk/ext/tk/tcltklib.c trunk/ext/win32ole/win32ole.c trunk/file.c trunk/gc.c trunk/hash.c trunk/include/ruby/intern.h trunk/include/ruby/ruby.h trunk/io.c trunk/iseq.c trunk/load.c trunk/marshal.c trunk/object.c trunk/proc.c trunk/process.c trunk/random.c trunk/re.c trunk/safe.c trunk/string.c trunk/test/dl/test_dl2.rb trunk/test/erb/test_erb.rb trunk/test/readline/test_readline.rb trunk/test/readline/test_readline_history.rb trunk/test/ruby/test_alias.rb trunk/test/ruby/test_array.rb trunk/test/ruby/test_dir.rb trunk/test/ruby/test_encoding.rb trunk/test/ruby/test_env.rb trunk/test/ruby/test_eval.rb trunk/test/ruby/test_exception.rb trunk/test/ruby/test_file_exhaustive.rb trunk/test/ruby/test_hash.rb trunk/test/ruby/test_io.rb trunk/test/ruby/test_method.rb trunk/test/ruby/test_module.rb trunk/test/ruby/test_object.rb trunk/test/ruby/test_pack.rb trunk/test/ruby/test_rand.rb trunk/test/ruby/test_regexp.rb trunk/test/ruby/test_settracefunc.rb trunk/test/ruby/test_struct.rb trunk/test/ruby/test_thread.rb trunk/test/ruby/test_time.rb trunk/thread.c trunk/transcode.c trunk/variable.c trunk/vm_insnhelper.c trunk/vm_method.c trunk/vm_trace.c Index: array.c =================================================================== --- array.c (revision 41258) +++ array.c (revision 41259) @@ -257,8 +257,6 @@ static inline void https://github.com/ruby/ruby/blob/trunk/array.c#L257 rb_ary_modify_check(VALUE ary) { rb_check_frozen(ary); - if (!OBJ_UNTRUSTED(ary) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: can't modify array"); } void @@ -1843,7 +1841,6 @@ ary_join_0(VALUE ary, VALUE sep, long ma https://github.com/ruby/ruby/blob/trunk/array.c#L1841 rb_str_buf_append(result, sep); rb_str_buf_append(result, val); if (OBJ_TAINTED(val)) OBJ_TAINT(result); - if (OBJ_UNTRUSTED(val)) OBJ_TAINT(result); } } @@ -1905,12 +1902,10 @@ rb_ary_join(VALUE ary, VALUE sep) https://github.com/ruby/ruby/blob/trunk/array.c#L1902 { long len = 1, i; int taint = FALSE; - int untrust = FALSE; VALUE val, tmp, result; if (RARRAY_LEN(ary) == 0) return rb_usascii_str_new(0, 0); if (OBJ_TAINTED(ary)) taint = TRUE; - if (OBJ_UNTRUSTED(ary)) untrust = TRUE; if (!NIL_P(sep)) { StringValue(sep); @@ -1925,7 +1920,6 @@ rb_ary_join(VALUE ary, VALUE sep) https://github.com/ruby/ruby/blob/trunk/array.c#L1920 result = rb_str_buf_new(len + (RARRAY_LEN(ary)-i)*10); rb_enc_associate(result, rb_usascii_encoding()); if (taint) OBJ_TAINT(result); - if (untrust) OBJ_UNTRUST(result); ary_join_0(ary, sep, i, result); first = i == 0; ary_join_1(ary, ary, sep, i, result, &first); @@ -1937,7 +1931,6 @@ rb_ary_join(VALUE ary, VALUE sep) https://github.com/ruby/ruby/blob/trunk/array.c#L1931 result = rb_str_buf_new(len); if (taint) OBJ_TAINT(result); - if (untrust) OBJ_UNTRUST(result); ary_join_0(ary, sep, RARRAY_LEN(ary), result); return result; @@ -1971,7 +1964,6 @@ static VALUE https://github.com/ruby/ruby/blob/trunk/array.c#L1964 inspect_ary(VALUE ary, VALUE dummy, int recur) { int tainted = OBJ_TAINTED(ary); - int untrust = OBJ_UNTRUSTED(ary); long i; VALUE s, str; @@ -1980,14 +1972,12 @@ inspect_ary(VALUE ary, VALUE dummy, int https://github.com/ruby/ruby/blob/trunk/array.c#L1972 for (i=0; i<RARRAY_LEN(ary); i++) { s = rb_inspect(RARRAY_AREF(ary, i)); if (OBJ_TAINTED(s)) tainted = TRUE; - if (OBJ_UNTRUSTED(s)) untrust = TRUE; if (i > 0) rb_str_buf_cat2(str, ", "); else rb_enc_copy(str, s); rb_str_buf_append(str, s); } rb_str_buf_cat2(str, "]"); if (tainted) OBJ_TAINT(str); - if (untrust) OBJ_UNTRUST(str); return str; } Index: debug.c =================================================================== --- debug.c (revision 41258) +++ debug.c (revision 41259) @@ -36,7 +36,6 @@ const union { https://github.com/ruby/ruby/blob/trunk/debug.c#L36 RUBY_FL_OLDGEN = FL_OLDGEN, RUBY_FL_FINALIZE = FL_FINALIZE, RUBY_FL_TAINT = FL_TAINT, - RUBY_FL_UNTRUSTED = FL_UNTRUSTED, RUBY_FL_EXIVAR = FL_EXIVAR, RUBY_FL_FREEZE = FL_FREEZE, RUBY_FL_SINGLETON = FL_SINGLETON, Index: encoding.c =================================================================== --- encoding.c (revision 41258) +++ encoding.c (revision 41259) @@ -591,7 +591,7 @@ load_encoding(const char *name) https://github.com/ruby/ruby/blob/trunk/encoding.c#L591 else if (ISUPPER(*s)) *s = (char)TOLOWER(*s); ++s; } - FL_UNSET(enclib, FL_TAINT|FL_UNTRUSTED); + FL_UNSET(enclib, FL_TAINT); OBJ_FREEZE(enclib); ruby_verbose = Qfalse; ruby_debug = Qfalse; Index: include/ruby/intern.h =================================================================== --- include/ruby/intern.h (revision 41258) +++ include/ruby/intern.h (revision 41259) @@ -229,12 +229,7 @@ void rb_check_trusted(VALUE); https://github.com/ruby/ruby/blob/trunk/include/ruby/intern.h#L229 rb_error_frozen(rb_obj_classname(frozen_obj)); \ } \ } while (0) -#define rb_check_trusted_internal(obj) do { \ - VALUE untrusted_obj = (obj); \ - if (!OBJ_UNTRUSTED(untrusted_obj)) { \ - rb_error_untrusted(untrusted_obj); \ - } \ - } while (0) +#define rb_check_trusted_internal(obj) ((void) 0) #ifdef __GNUC__ #define rb_check_frozen(obj) __extension__({rb_check_frozen_internal(obj);}) #define rb_check_trusted(obj) __extension__({rb_check_trusted_internal(obj);}) Index: include/ruby/ruby.h =================================================================== --- include/ruby/ruby.h (revision 41258) +++ include/ruby/ruby.h (revision 41259) @@ -678,7 +678,7 @@ VALUE rb_obj_setup(VALUE obj, VALUE klas https://github.com/ruby/ruby/blob/trunk/include/ruby/ruby.h#L678 if (FL_TEST((obj), FL_EXIVAR)) rb_copy_generic_ivar((VALUE)(clone),(VALUE)(obj));\ } while (0) #define DUPSETUP(dup,obj) do {\ - OBJSETUP((dup),rb_obj_class(obj), (RBASIC(obj)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT|FL_UNTRUSTED)); \ + OBJSETUP((dup),rb_obj_class(obj), (RBASIC(obj)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT)); \ if (FL_TEST((obj), FL_EXIVAR)) rb_copy_generic_ivar((VALUE)(dup),(VALUE)(obj));\ } while (0) @@ -1163,7 +1163,7 @@ struct RBignum { https://github.com/ruby/ruby/blob/trunk/include/ruby/ruby.h#L1163 #define FL_OLDGEN (((VALUE)1)<<6) #define FL_FINALIZE (((VALUE)1)<<7) #define FL_TAINT (((VALUE)1)<<8) -#define FL_UNTRUSTED (((VALUE)1)<<9) +#define FL_UNTRUSTED FL_TAINT #define FL_EXIVAR (((VALUE)1)<<10) #define FL_FREEZE (((VALUE)1)<<11) @@ -1203,12 +1203,11 @@ struct RBignum { https://github.com/ruby/ruby/blob/trunk/include/ruby/ruby.h#L1203 #define OBJ_TAINTED(x) (!!FL_TEST((x), FL_TAINT)) #define OBJ_TAINT(x) FL_SET((x), FL_TAINT) -#define OBJ_UNTRUSTED(x) (!!FL_TEST((x), FL_UNTRUSTED)) -#define OBJ_UNTRUST(x) FL_SET((x), FL_UNTRUSTED) +#define OBJ_UNTRUSTED(x) OBJ_TAINTED(x) +#define OBJ_UNTRUST(x) OBJ_TAINT(x) #define OBJ_INFECT(x,s) do { \ if (FL_ABLE(x) && FL_ABLE(s)) \ - RBASIC(x)->flags |= RBASIC(s)->flags & \ - (FL_TAINT | FL_UNTRUSTED); \ + RBASIC(x)->flags |= RBASIC(s)->flags & FL_TAINT; \ } while (0) #define OBJ_FROZEN(x) (!!(FL_ABLE(x)?(RBASIC(x)->flags&(FL_FREEZE)):(FIXNUM_P(x)||FLONUM_P(x)))) Index: ChangeLog =================================================================== --- ChangeLog (revision 41258) +++ ChangeLog (revision 41259) @@ -1,3 +1,45 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Wed Jun 12 22:58:48 2013 Shugo Maeda <shugo@r...> + + * safe.c (rb_set_safe_level, safe_setter): raise an ArgumentError + when $SAFE is set to 4. $SAFE=4 is now obsolete. + [ruby-core:55222] [Feature #8468] + + * object.c (rb_obj_untrusted, rb_obj_untrust, rb_obj_trust): + Kernel#untrusted?, untrust, and trust are now deprecated. + Their behavior is same as tainted?, taint, and untaint, + respectively. + + * include/ruby/ruby.h (OBJ_UNTRUSTED, OBJ_UNTRUST): OBJ_UNTRUSTED() + and OBJ_UNTRUST() are aliases of OBJ_TAINTED() and OBJ_TAINT(), + respectively. + + * array.c, class.c, debug.c, dir.c, encoding.c, error.c, eval.c, + ext/curses/curses.c, ext/dbm/dbm.c, ext/dl/cfunc.c, + ext/dl/cptr.c, ext/dl/dl.c, ext/etc/etc.c, ext/fiddle/fiddle.c, + ext/fiddle/pointer.c, ext/gdbm/gdbm.c, ext/readline/readline.c, + ext/sdbm/init.c, ext/socket/ancdata.c, ext/socket/basicsocket.c, + ext/socket/socket.c, ext/socket/udpsocket.c, + ext/stringio/stringio.c, ext/syslog/syslog.c, ext/tk/tcltklib.c, + ext/win32ole/win32ole.c, file.c, gc.c, hash.c, io.c, iseq.c, + load.c, marshal.c, object.c, proc.c, process.c, random.c, re.c, + safe.c, string.c, thread.c, transcode.c, variable.c, + vm_insnhelper.c, vm_method.c, vm_trace.c: remove code for + $SAFE=4. + + * test/dl/test_dl2.rb, test/erb/test_erb.rb, + test/readline/test_readline.rb, + test/readline/test_readline_history.rb, test/ruby/test_alias.rb, + test/ruby/test_array.rb, test/ruby/test_dir.rb, + test/ruby/test_encoding.rb, test/ruby/test_env.rb, + test/ruby/test_eval.rb, test/ruby/test_exception.rb, + test/ruby/test_file_exhaustive.rb, test/ruby/test_hash.rb, + test/ruby/test_io.rb, test/ruby/test_method.rb, + test/ruby/test_module.rb, test/ruby/test_object.rb, + test/ruby/test_pack.rb, test/ruby/test_rand.rb, + test/ruby/test_regexp.rb, test/ruby/test_settracefunc.rb, + test/ruby/test_struct.rb, test/ruby/test_thread.rb, + test/ruby/test_time.rb: remove tests for $SAFE=4. + Wed Jun 12 22:18:23 2013 Tanaka Akira <akr@f...> * bignum.c (integer_unpack_num_bdigits_generic): Rewritten without Index: re.c =================================================================== --- re.c (revision 41258) +++ re.c (revision 41259) @@ -2395,8 +2395,6 @@ rb_reg_initialize(VALUE obj, const char https://github.com/ruby/ruby/blob/trunk/re.c#L2395 rb_encoding *fixed_enc = 0; rb_encoding *a_enc = rb_ascii8bit_encoding(); - if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: can't modify regexp"); rb_check_frozen(obj); if (FL_TEST(obj, REG_LITERAL)) rb_raise(rb_eSecurityError, "can't modify literal regexp"); Index: variable.c =================================================================== --- variable.c (revision 41258) +++ variable.c (revision 41259) @@ -645,7 +645,6 @@ rb_f_trace_var(int argc, VALUE *argv) https://github.com/ruby/ruby/blob/trunk/variable.c#L645 struct global_entry *entry; struct trace_var *trace; - rb_secure(4); if (rb_scan_args(argc, argv, "11", &var, &cmd) == 1) { cmd = rb_block_proc(); } @@ -707,7 +706,6 @@ rb_f_untrace_var(int argc, VALUE *argv) https://github.com/ruby/ruby/blob/trunk/variable.c#L706 struct trace_var *trace; st_data_t data; - rb_secure(4); rb_scan_args(argc, argv, "11", &var, &cmd); id = rb_check_id(&var); if (!id) { @@ -1130,8 +1128,6 @@ rb_ivar_set(VALUE obj, ID id, VALUE val) https://github.com/ruby/ruby/blob/trunk/variable.c#L1128 long i, len; int ivar_extended; - if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable"); rb_check_frozen(obj); if (SPECIAL_CONST_P(obj)) goto generic; switch (BUILTIN_TYPE(obj)) { @@ -1404,8 +1400,6 @@ rb_obj_remove_instance_variable(VALUE ob https://github.com/ruby/ruby/blob/trunk/variable.c#L1400 struct st_table *iv_index_tbl; st_data_t index; - if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable"); rb_check_frozen(obj); if (!id) { if (rb_is_instance_name(name)) { @@ -1939,8 +1933,6 @@ rb_const_remove(VALUE mod, ID id) https://github.com/ruby/ruby/blob/trunk/variable.c#L1933 VALUE val; st_data_t v, n = id; - if (!OBJ_UNTRUSTED(mod) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: can't remove constant"); rb_check_frozen(mod); if (!RCLASS_CONST_TBL(mod) || !st_delete(RCLASS_CONST_TBL(mod), &n, &v)) { if (rb_const_defined_at(mod, id)) { @@ -2131,8 +2123,6 @@ rb_public_const_defined_at(VALUE klass, https://github.com/ruby/ruby/blob/trunk/variable.c#L2123 static void check_before_mod_set(VALUE klass, ID id, VALUE val, const char *dest) { - if (!OBJ_UNTRUSTED(klass) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: can't set %s", dest); rb_check_frozen(klass); } @@ -2206,7 +2196,6 @@ rb_define_const(VALUE klass, const char https://github.com/ruby/ruby/blob/trunk/variable.c#L2196 rb_warn("rb_define_const: invalid name `%s' for constant", name); } if (klass == rb_cObject) { - rb_secure(4); } rb_const_set(klass, id, val); } @@ -2224,11 +2213,6 @@ set_const_visibility(VALUE mod, int argc https://github.com/ruby/ruby/blob/trunk/variable.c#L2213 st_data_t v; ID id; - if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(mod)) { - rb_raise(rb_eSecurityError, - "Insecure: can't change constant visibility"); - } - if (argc == 0) { rb_warning("%"PRIsVALUE" with no argument is just ignored", QUOTE_ID(rb_frame_callee())); @@ -2563,8 +2547,6 @@ rb_mod_remove_cvar(VALUE mod, VALUE name https://github.com/ruby/ruby/blob/trunk/variable.c#L2547 if (!rb_is_class_id(id)) { rb_name_error(id, "wrong class variable name %"PRIsVALUE"", QUOTE_ID(id)); } - if (!OBJ_UNTRUSTED(mod) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: can't remove class variable"); rb_check_frozen(mod); if (RCLASS_IV_TBL(mod) && st_delete(RCLASS_IV_TBL(mod), &n, &val)) { return (VALUE)val; Index: iseq.c =================================================================== --- iseq.c (revision 41258) +++ iseq.c (revision 41259) @@ -243,7 +243,6 @@ rb_iseq_add_mark_object(rb_iseq_t *iseq, https://github.com/ruby/ruby/blob/trunk/iseq.c#L243 { if (!RTEST(iseq->mark_ary)) { iseq->mark_ary = rb_ary_tmp_new(3); - OBJ_UNTRUST(iseq->mark_ary); RBASIC_CLEAR_CLASS(iseq->mark_ary); } rb_ary_push(iseq->mark_ary, obj); Index: string.c =================================================================== --- string.c (revision 41258) +++ string.c (revision 41259) @@ -704,7 +704,7 @@ rb_str_new_frozen(VALUE orig) https://github.com/ruby/ruby/blob/trunk/string.c#L704 assert(OBJ_FROZEN(str)); ofs = RSTRING_LEN(str) - RSTRING_LEN(orig); if ((ofs > 0) || (klass != RBASIC(str)->klass) || - ((RBASIC(str)->flags ^ RBASIC(orig)->flags) & (FL_TAINT|FL_UNTRUSTED)) || + ((RBASIC(str)->flags ^ RBASIC(orig)->flags) & FL_TAINT) || ENCODING_GET(str) != ENCODING_GET(orig)) { str = str_new3(klass, str); RSTRING(str)->as.heap.ptr += ofs; @@ -1305,8 +1305,6 @@ str_modifiable(VALUE str) https://github.com/ruby/ruby/blob/trunk/string.c#L1305 rb_raise(rb_eRuntimeError, "can't modify string; temporarily locked"); } rb_check_frozen(str); - if (!OBJ_UNTRUSTED(str) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: can't modify string"); } static inline int @@ -3659,7 +3657,6 @@ rb_str_sub_bang(int argc, VALUE *argv, V https://github.com/ruby/ruby/blob/trunk/string.c#L3657 VALUE pat, repl, hash = Qnil; int iter = 0; int tainted = 0; - int untrusted = 0; long plen; int min_arity = rb_block_given_p() ? 1 : 2; @@ -3674,7 +3671,6 @@ rb_str_sub_bang(int argc, VALUE *argv, V https://github.com/ruby/ruby/blob/trunk/string.c#L3671 StringValue(repl); } if (OBJ_TAINTED(repl)) tainted = 1; - if (OBJ_UNTRUSTED(repl)) untrusted = 1; } pat = get_pat(argv[0], 1); @@ -3720,7 +3716,6 @@ rb_str_sub_bang(int argc, VALUE *argv, V https://github.com/ruby/ruby/blob/trunk/string.c#L3716 rb_str_modify(str); rb_enc_associate(str, enc); if (OBJ_TAINTED(repl)) tainted = 1; - if (OBJ_UNTRUSTED(repl)) untrusted = 1; if (ENC_CODERANGE_UNKNOWN < cr && cr < ENC_CODERANGE_BROKEN) { int cr2 = ENC_CODERANGE(repl); if (cr2 == ENC_CODERANGE_BROKEN || @@ -3745,7 +3740,6 @@ rb_str_sub_bang(int argc, VALUE *argv, V https://github.com/ruby/ruby/blob/trunk/string.c#L3740 RSTRING_PTR(str)[len] = '\0'; ENC_CODERANGE_SET(str, cr); if (tainted) OBJ_TAINT(str); - if (untrusted) OBJ_UNTRUST(str); return str; } Index: object.c =================================================================== --- object.c (revision 41258) +++ object.c (revision 41259) @@ -72,7 +72,7 @@ rb_obj_setup(VALUE obj, VALUE klass, VAL https://github.com/ruby/ruby/blob/trunk/object.c#L72 { RBASIC(obj)->flags = type; RBASIC_SET_CLASS(obj, klass); - if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT | FL_UNTRUSTED); + if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT); return obj; } @@ -259,7 +259,7 @@ init_copy(VALUE dest, VALUE obj) https://github.com/ruby/ruby/blob/trunk/object.c#L259 rb_raise(rb_eTypeError, "[bug] frozen object (%s) allocated", rb_obj_classname(dest)); } RBASIC(dest)->flags &= ~(T_MASK|FL_EXIVAR); - RBASIC(dest)->flags |= RBASIC(obj)->flags & (T_MASK|FL_EXIVAR|FL_TAINT|FL_UNTRUSTED); + RBASIC(dest)->flags |= RBASIC(obj)->flags & (T_MASK|FL_EXIVAR|FL_TAINT); rb_copy_generic_ivar(dest, obj); rb_gc_copy_finalizer(dest, obj); switch (TYPE(obj)) { @@ -335,7 +335,7 @@ rb_obj_clone(VALUE obj) https://github.com/ruby/ruby/blob/trunk/object.c#L335 rb_raise(rb_eTypeError, "can't clone %s", rb_obj_classname(obj)); } clone = rb_obj_alloc(rb_obj_class(obj)); - RBASIC(clone)->flags &= (FL_TAINT|FL_UNTRUSTED); + RBASIC(clone)->flags &= FL_TAINT; RBASIC(clone)->flags |= RBASIC(obj)->flags & ~(FL_OLDGEN|FL_FREEZE|FL_FINALIZE); singleton = rb_singleton_class_clone_and_attach(obj, clone); @@ -907,7 +907,6 @@ rb_obj_tainted(VALUE obj) https://github.com/ruby/ruby/blob/trunk/object.c#L907 VALUE rb_obj_taint(VALUE obj) { - rb_secure(4); if (!OBJ_TAINTED(obj)) { rb_check_frozen(obj); OBJ_TAINT(obj); @@ -940,47 +939,28 @@ rb_obj_untaint(VALUE obj) https://github.com/ruby/ruby/blob/trunk/object.c#L939 * call-seq: * obj.untrusted? -> true or false * - * Returns true if the object is untrusted. - * - * See #untrust for more information. + * Deprecated method that is equivalent to #tainted?. */ VALUE rb_obj_untrusted(VALUE obj) { - if (OBJ_UNTRUSTED(obj)) - return Qtrue; - return Qfalse; + rb_warning("untrusted? is deprecated and its behavior is same as tainted?"); + return rb_obj_tainted(obj); } /* * call-seq: * obj.untrust -> obj * - * Mark the object as untrusted. - * - * An untrusted object is not allowed to modify any trusted objects. To check - * whether an object is trusted, use #untrusted? - * - * Any object created by untrusted code is marked as both tainted and - * untrusted. See #taint for more information. - * - * You should only trust an untrusted object if your code has inspected it and - * determined that it is safe. To do so use #trust - * - * In $SAFE level 3 and 4, all objects are tainted and untrusted, any use of - * trust or taint methods will raise a SecurityError exception. + * Deprecated method that is equivalent to #taint. */ VALUE rb_obj_untrust(VALUE obj) { - rb_secure(4); - if (!OBJ_UNTRUSTED(obj)) { - rb_check_frozen(obj); - OBJ_UNTRUST(obj); - } - return obj; + rb_warning("untrust is deprecated and its behavior is same as taint"); + return rb_obj_taint(obj); } @@ -988,20 +968,14 @@ rb_obj_untrust(VALUE obj) https://github.com/ruby/ruby/blob/trunk/object.c#L968 * call-seq: * obj.trust -> obj * - * Removes the untrusted mark from the object. - * - * See #untrust for more information. + * Deprecated method that is equivalent to #untaint. */ VALUE rb_obj_trust(VALUE obj) { - rb_secure(3); - if (OBJ_UNTRUSTED(obj)) { - rb_check_frozen(obj); - FL_UNSET(obj, FL_UNTRUSTED); - } - return obj; + rb_warning("trust is deprecated and its behavior is same as untaint"); + return rb_obj_untaint(obj); } void @@ -1037,9 +1011,6 @@ VALUE https://github.com/ruby/ruby/blob/trunk/object.c#L1011 rb_obj_freeze(VALUE obj) { if (!OBJ_FROZEN(obj)) { - if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(obj)) { - rb_raise(rb_eSecurityError, "Insecure: can't freeze object"); - } OBJ_FREEZE(obj); if (SPECIAL_CONST_P(obj)) { if (!immediate_frozen_tbl) { Index: io.c =================================================================== --- io.c (revision 41258) +++ io.c (revision 41259) @@ -597,8 +597,6 @@ rb_eof_error(void) https://github.com/ruby/ruby/blob/trunk/io.c#L597 VALUE rb_io_taint_check(VALUE io) { - if (!OBJ_UNTRUSTED(io) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: operation on trusted IO"); rb_check_frozen(io); return io; } @@ -1376,7 +1374,6 @@ io_write(VALUE io, VALUE str, int nosync https://github.com/ruby/ruby/blob/trunk/io.c#L1374 long n; VALUE tmp; (... truncated) -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/