--0016e68de91281941504754fb5e3
Content-Type: text/plain; charset=ISO-8859-1

On Tue, Oct 6, 2009 at 3:52 AM, Yugui <yugui / yugui.jp> wrote:

> Why do you think the feature is not useful?
>

To really build a secure system around something like $SAFE/taint, you must
be extremely vigilant with handling the flow of tainted objects through the
system.  One little mistake anywhere and it doesn't offer you any security
at all.


> It might not be useful for you but some ruby programs developed on
> early era often use it.
>

That's fine, but 99.9% of Ruby programs out there don't use it and it
impacts performance, so isn't making it an on-by-default configurable option
a good idea?


> And Ruby 1.9 has even trust/untrusted model in addition to
> taint/untainted for more secure/usable security checking.
>

The need for something like trust/untrusted shows is that $SAFE/taint are no
where good enough.

-- 
Tony Arcieri
Medioh/Nagravision

--0016e68de91281941504754fb5e3
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div class="gmail_quote">On Tue, Oct 6, 2009 at 3:52 AM, Yugui <span dir="ltr">&lt;yugui / yugui.jp&gt;</span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Why do you think the feature is not useful?<br></blockquote><div><br>To really build a secure system around something like $SAFE/taint, you must be extremely vigilant with handling the flow of tainted objects through the system.One little mistake anywhere and it doesn&#39;t offer you any security at all.<br>
/div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
It might not be useful for you but some ruby programs developed on<br>
early era often use it.<br></blockquote><div><br>That&#39;s fine, but 99.9%f Ruby programs out there don&#39;t use it and it impacts performance, sosn&#39;t making it an on-by-default configurable option a good idea?<br>
/div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
And Ruby 1.9 has even trust/untrusted model in addition to<br>
taint/untainted for more secure/usable security checking.<br></blockquote><div><br>The need for something like trust/untrusted shows is that $SAFE/taint are no where good enough.<br><br>-- <br></div></div>Tony Arcieri<br>
Medioh/Nagravision<br>

--0016e68de91281941504754fb5e3--