From: eregontp@... Date: 2017-12-15T16:29:11+00:00 Subject: [ruby-core:84291] [Ruby trunk Misc#14190] What are the semantics of $SAFE? Issue #14190 has been reported by Eregon (Benoit Daloze). ---------------------------------------- Misc #14190: What are the semantics of $SAFE? https://bugs.ruby-lang.org/issues/14190 * Author: Eregon (Benoit Daloze) * Status: Open * Priority: Normal * Assignee: ---------------------------------------- $SAFE is documented in many places as thread-local, but it seems more than that. For example: # a.rb $SAFE=1 p $SAFE require "#{Dir.pwd.untaint}/b.rb" # b.rb p [:in_b, $SAFE] gives: $ ruby -r./a -e 'p $SAFE' 1 [:in_b, 0] 0 So in b and in -e, $SAFE is 0. Is it file-based somehow? I was trying to understand what https://github.com/ruby/ruby/blob/7c4306e6e9c3c4a255f4ad20134c1832dbe45ba2/test/rubygems/test_gem.rb#L9-L13 is supposed to do. Does it make sense? What does it do? It seems the test_* methods in that file actually read $SAFE as 0, not 1. -- https://bugs.ruby-lang.org/ Unsubscribe: