ruby - Couldn't understand how the command line option "-T" is used in practice -
couldn't understand how command line alternative below used in practice.
-t[level=1] i tried code:
#commandoptionstest.rb puts "hello world" with various safe levels:
output ok
@ubuntu:~/script$ ruby -x commandoptionstest.rb # => hello world why error? need in commandoptionstest.rb allow -x -t?
@ubuntu:~/script$ ruby -x -t commandoptionstest.rb # => ruby: no -x allowed in tainted mode (securityerror) output coming
@ubuntu:~/script$ ruby -t commandoptionstest.rb # => hello world output coming
@ubuntu:~/script$ ruby -t1 commandoptionstest.rb # => hello world output coming
@ubuntu:~/script$ ruby -t2 commandoptionstest.rb # => hello world output coming
@ubuntu:~/script$ ruby -t3 commandoptionstest.rb # => hello world again why error?
@ubuntu:~/script$ ruby -t4 commandoptionstest.rb # => commandoptionstest.rb:15:in `write': insecure operation `write' @ level 4 (securityerror) # commandoptionstest.rb:15:in `puts' # commandoptionstest.rb:15:in `puts' # commandoptionstest.rb:15:in `<main>' with help of above code, please explain why safe levels 1, 2, 3 printing "hello world", while safe level 4 not? allow write operations @ safe level 4, should done here?
it sets $safe level.
this dictates how inputs handled, along great number of other things regarding environment variables, i/o, threads, exceptions, interpreter command line args, etc.
http://www.ruby-doc.org/docs/programmingruby/html/taint.html
imo docs place start. if have question specific behavior, ask.
to address comment , edits:
yes, can, the docs can too, , better.
why -x not work?
because docs won't:
$safe >= 1 * command-line options -e, -i, -i, -r, -s, -s, , -x not allowed.
[~]$ ruby --help usage: ruby [switches] [--] [programfile] [arguments] # elided -t[level=1] turn on tainting checks
so default level if -t specified no number 1, means $safe >= 1, means docs say: -x not allowed.
why doesn't puts work?
difficult since don't provide code you're executing, likely, again, docs say:
$safe >= 4 * can't write files or pipes.
ruby ruby-1.9.3
No comments:
Post a Comment