3
* This file is included by eval.c
7
0 - strings from streams/environment/ARGV are tainted (default)
8
1 - no dangerous operation by tainted value
9
2 - process/file operations prohibited
10
3 - all generated objects are tainted
11
4 - no global (non-tainted) variable modification/no direct output
14
#define SAFE_LEVEL_MAX 4
21
return GET_THREAD()->safe_level;
25
rb_set_safe_level_force(int safe)
27
GET_THREAD()->safe_level = safe;
31
rb_set_safe_level(int level)
33
rb_thread_t *th = GET_THREAD();
35
if (level > th->safe_level) {
36
if (level > SAFE_LEVEL_MAX) {
37
level = SAFE_LEVEL_MAX;
39
th->safe_level = level;
46
return INT2NUM(rb_safe_level());
50
safe_setter(VALUE val)
52
int level = NUM2INT(val);
53
rb_thread_t *th = GET_THREAD();
55
if (level < th->safe_level) {
56
rb_raise(rb_eSecurityError,
57
"tried to downgrade safe level from %d to %d",
58
th->safe_level, level);
60
if (level > SAFE_LEVEL_MAX) {
61
level = SAFE_LEVEL_MAX;
63
th->safe_level = level;
69
if (level <= rb_safe_level()) {
70
if (rb_frame_callee()) {
71
rb_raise(rb_eSecurityError, "Insecure operation `%s' at level %d",
72
rb_id2name(rb_frame_callee()), rb_safe_level());
75
rb_raise(rb_eSecurityError, "Insecure operation at level %d",
82
rb_secure_update(VALUE obj)
84
if (!OBJ_TAINTED(obj))
89
rb_check_safe_obj(VALUE x)
91
if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
92
if (rb_frame_callee()) {
93
rb_raise(rb_eSecurityError, "Insecure operation - %s",
94
rb_id2name(rb_frame_callee()));
97
rb_raise(rb_eSecurityError, "Insecure operation: -r");
104
rb_check_safe_str(VALUE x)
106
rb_check_safe_obj(x);
107
if (TYPE(x) != T_STRING) {
108
rb_raise(rb_eTypeError, "wrong argument type %s (expected String)",
109
rb_obj_classname(x));