From: "shugo (Shugo Maeda)"
Date: 2013-02-13T13:10:24+09:00
Subject: [ruby-core:52179] [ruby-trunk - Feature #7839] Symbol.freeze_symbols

Issue #7839 has been updated by shugo (Shugo Maeda).

> > If this is a main use case of Symbol.freeze_symbols, it might be better to have String#intern's option to control whether a symbol creation is allowed and to make YAML.safe_load to use it.
(snip)
> The problem with this is we can be calling foreign code. We have to
> force all library authors to use it. Library authors may not expect
> that calls to ".intern" will be fed user input.
>
> Most security issues we have to deal with (even the YAML example) are
> cases where we do not expect to process foreign input.

Hmm.... I'm worried that the following code is not thread safe.

> > begin
> >   Symbol.freeze_symbols
> >   YAML.load(...)
> > ensure
> >   Symbol.thaw_symbols
> > end
> >
> > I guess it can be implemented easily compared to Symbol GC.
>
> Even freezing and thawing would definitely be easier than Symbol GC.

Sasada-san might implement Symbol GC for MRI.
# So I'm worried that he might get less popular with women.

If it can be implemented in other implementations, it would be the best solution.

----------------------------------------
Feature #7839: Symbol.freeze_symbols
https://bugs.ruby-lang.org/issues/7839#change-36194

Author: tenderlovemaking (Aaron Patterson)
Status: Open
Priority: Normal
Assignee:
Category:
Target version:

Hi,

On team Rails, we're having trouble with Symbol creation DoS attacks. From our perspective, there should be a point in the application where symbols should stabilize, meaning we don't expect the number of symbols to increase while the process is running.

I'd like to be able to call a method like `Symbol.freeze_symbols` which would essentially freeze the symbol hash, such that if any new symbols are created, an exception would be thrown.

I can work on a patch for this, but I wanted to throw the idea out there.

--
http://bugs.ruby-lang.org/