--0016e68de91281941504754fb5e3 Content-Type: text/plain; charset=ISO-8859-1 On Tue, Oct 6, 2009 at 3:52 AM, Yugui <yugui / yugui.jp> wrote: > Why do you think the feature is not useful? > To really build a secure system around something like $SAFE/taint, you must be extremely vigilant with handling the flow of tainted objects through the system. One little mistake anywhere and it doesn't offer you any security at all. > It might not be useful for you but some ruby programs developed on > early era often use it. > That's fine, but 99.9% of Ruby programs out there don't use it and it impacts performance, so isn't making it an on-by-default configurable option a good idea? > And Ruby 1.9 has even trust/untrusted model in addition to > taint/untainted for more secure/usable security checking. > The need for something like trust/untrusted shows is that $SAFE/taint are no where good enough. -- Tony Arcieri Medioh/Nagravision --0016e68de91281941504754fb5e3 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable <div class="gmail_quote">On Tue, Oct 6, 2009 at 3:52 AM, Yugui <span dir="ltr"><yugui / yugui.jp></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> Why do you think the feature is not useful?<br></blockquote><div><br>To really build a secure system around something like $SAFE/taint, you must be extremely vigilant with handling the flow of tainted objects through the system.One little mistake anywhere and it doesn't offer you any security at all.<br> /div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> It might not be useful for you but some ruby programs developed on<br> early era often use it.<br></blockquote><div><br>That's fine, but 99.9%f Ruby programs out there don't use it and it impacts performance, sosn't making it an on-by-default configurable option a good idea?<br> /div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> And Ruby 1.9 has even trust/untrusted model in addition to<br> taint/untainted for more secure/usable security checking.<br></blockquote><div><br>The need for something like trust/untrusted shows is that $SAFE/taint are no where good enough.<br><br>-- <br></div></div>Tony Arcieri<br> Medioh/Nagravision<br> --0016e68de91281941504754fb5e3--