Warn on access/modify of $SAFE, and remove effects of modifying $SAFE

This removes the security features added by $SAFE = 1, and warns for access or modification of $SAFE from Ruby-level, as well as warning when calling all public C functions related to $SAFE. This modifies some internal functions that took a safe level argument to no longer take the argument. rb_require_safe now warns, rb_require_string has been added as a version that takes a VALUE and does not warn. One public C function that still takes a safe level argument and that this doesn't warn for is rb_eval_cmd. We may want to consider adding an alternative method that does not take a safe level argument, and warn for rb_eval_cmd.
Merged: https://github.com/ruby/ruby/pull/2476
2022-11-09 12:17:21 -05:00 · 2019-09-20 19:06:22 -07:00 · 2019-09-20 19:06:22 -07:00 · c5c05460ac · 2019-11-18 08:01:15 +09:00
commit c5c05460ac
parent 7b6a8b5b54
59 changed files with 283 additions and 751 deletions
--- a/spec/ruby/language/predefined_spec.rb
+++ b/spec/ruby/language/predefined_spec.rb
@ -771,8 +771,6 @@ __LINE__         String          The current line number in the source file. [r/
 $LOAD_PATH       Array           A synonym for $:. [r/o]
 $-p              Object          Set to true if the -p option (which puts an implicit while gets . . . end
                                 loop around your program) is present on the command line. [r/o]
-$SAFE            Fixnum          The current safe level. This variable’s value may never be
-                                 reduced by assignment. [thread] (Not implemented in Rubinius)
 $VERBOSE         Object          Set to true if the -v, --version, -W, or -w option is specified on the com-
                                 mand line. Set to false if no option, or -W1 is given. Set to nil if -W0
                                 was specified. Setting this option to true causes the interpreter and some