Em 06-02-2013 12:21, SASADA Koichi escreveu:
> (2013/02/06 22:50), shyouhei (Shyouhei Urabe) wrote:
>> @rosenfeld do you have any conceptual patch to implement it?  The reason Symbols aren't GCed is simply because the committers (including matz) don't have any idea how.
> One rough idea (but not verified) is:
>
> Separated Symbols into two sets:
>    (a) Symbols created by rb_intern()
>    (b) Symbols created from String object (String#to_sym)
>
> (a) is internal symbols which are used by the interpreter such as method
> names, attribute names and so on.
>
> (b) is mainly created by ruby program (and used for DoS attack).
>
> I think (hope) (b) can be collected at GC timing with some development
> efforts. But not touched. Sorry.

Your idea would work quite well I think.

> PS. Of course, a program making symbols belong to (a) will be DoS
> attack. For example, the program makes many methods or attributes by
> untrusted data, it will be same problem (but I believe nobody makes such
> a bad program).

If an attacker could create new methods than I believe that symbols not 
being collected is the least problem ;)