From: "charliesome (Charlie Somerville)"
Date: 2013-01-31T11:15:48+09:00
Subject: [ruby-core:51770] [ruby-trunk - Bug #7759] Marshal.load is not documented to be dangerous

Issue #7759 has been updated by charliesome (Charlie Somerville).

> I've thought it's a common sense, isn't it?

You would imagine so; however, I have seen a lot of code that does unmarshal untrusted data. I will send an example to security@ruby-lang.org.

Please note that I do not consider this a vulnerability in Ruby. Marshal is dangerous by design. This is an education problem - we need to document the fact that it is dangerous.

----------------------------------------
Bug #7759: Marshal.load is not documented to be dangerous
https://bugs.ruby-lang.org/issues/7759#change-35737

Author: charliesome (Charlie Somerville)
Status: Open
Priority: Normal
Assignee:
Category: DOC
Target version: 2.0.0
ruby -v: ruby 2.0.0dev (2013-01-07 trunk 38733) [x86_64-darwin12.2.1]

=begin
Marshal.load is incredibly powerful, and also incredibly dangerous. Unfortunately, many developers use it inappropriately and unmarshal user input. This can lead to a wide range of vulnerabilities, including remote code execution.

Marshal.load should be documented as dangerous and the documentation should also mention that it should only be used on trusted data.
=end

--
http://bugs.ruby-lang.org/
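As an added example (not from the ticket or from Ruby's own code), one defensive pattern for the point raised above: authenticate the marshaled bytes with an HMAC and call Marshal.load only on data whose tag verifies, so bytes an outsider could have altered never reach the unmarshaler. The demo secret KEY and the `tag--payload` envelope layout are assumptions chosen for this illustration.

```ruby
require "openssl"
require "base64"

# Added example: never hand Marshal.load bytes you have not authenticated.
# The producer signs the marshaled bytes with HMAC-SHA256; the consumer
# verifies the tag BEFORE Marshal.load sees the payload. KEY is a constructed
# demo secret; a real deployment would load it from configuration.
KEY = "constructed-demo-secret-not-for-production".freeze

class UntrustedPayload < StandardError; end

# Constant-time comparison so the tag check does not leak timing information.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Producer side: marshal the object, then sign the exact bytes we will ship.
def sign_and_dump(obj, key)
  payload = Base64.strict_encode64(Marshal.dump(obj))
  tag = OpenSSL::HMAC.hexdigest("SHA256", key, payload)
  "#{tag}--#{payload}"
end

# Consumer side: recompute the tag and refuse to unmarshal unless it matches.
# Marshal.load is reached only with data the key holder produced.
def verified_load(envelope, key)
  tag, payload = envelope.split("--", 2)
  raise UntrustedPayload, "malformed envelope" if tag.nil? || payload.nil?
  expected = OpenSSL::HMAC.hexdigest("SHA256", key, payload)
  raise UntrustedPayload, "HMAC mismatch" unless secure_equal?(tag, expected)
  Marshal.load(Base64.strict_decode64(payload))
end

# Simulates an in-transit alteration of the serialized bytes (flips one
# character of the payload); the tag then fails and Marshal.load is skipped.
def tamper(envelope)
  tag, payload = envelope.split("--", 2)
  flipped = payload[0] == "A" ? "B" : "A"
  "#{tag}--#{flipped}#{payload[1..-1]}"
end

# Demo: a genuine envelope round-trips; a tampered one is rejected before unmarshaling.
p verified_load(sign_and_dump({ "user" => "alice" }, KEY), KEY)
verified_load(tamper(sign_and_dump(["x"], KEY)), KEY) rescue puts "rejected: #{$!.message}"
```

Signing does not make Marshal safe for arbitrary input; it restricts Marshal.load to data produced by a holder of the key, which is the "trusted data only" condition the ticket asks the documentation to state.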