Issue #7839 has been updated by shugo (Shugo Maeda).


>  > If this is a main use case of Symbol.freeze_symbols, it might be better to have String#intern's option to control whether a symbol creation is allowed and to make YAML.safe_load to use it.
(snip)
>  The problem with this is we can be calling foreign code.  We have to
>  force all library authors to use it.  Library authors may not expect
>  that calls to ".intern" will be fed user input.
>
>  Most security issues we have to deal with (even the YAML example) are
>  cases where we do not expect to process foreign input.

Hmm.... I'm worried that the following code is not thread safe.

> >     begin
> >       Symbol.freeze_symbols
> >       YAML.load(...)
> >     ensure
> >       Symbol.thaw_symbols
> >     end

>  > I guess it can be implemented easily compared to Symbol GC.
>  
>  Even freezing and thawing would definitely be easier than Symbol GC.

Sasada-san might implement Symbol GC for MRI.
# So I'm worried that he might get less popular with women.

If it can be implemented in other implementations, it would be the best solution.

----------------------------------------
Feature #7839: Symbol.freeze_symbols
https://bugs.ruby-lang.org/issues/7839#change-36194

Author: tenderlovemaking (Aaron Patterson)
Status: Open
Priority: Normal
Assignee: 
Category: 
Target version: 


Hi,

On team Rails, we're having trouble with Symbol creation DoS attacks.  From our perspective, there should be a point in the application where symbols should stabilize, meaning we don't expect the number of symbols to increase while the process is running.

I'd like to be able to call a method like `Symbol.freeze_symbols` which would essentially freeze the symbol hash, such that if any new symbols are created, an exception would be thrown.

I can work on a patch for this, but I wanted to throw the idea out there.


-- 
http://bugs.ruby-lang.org/
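The guarded-interning idea behind the proposal, as an added example that is neither the ticket's code nor anything in Ruby itself: a per-application table of expected symbols is built at boot and then frozen, so untrusted strings only become symbols when already registered, and because the frozen table is read-only it can be shared across threads without the global freeze/thaw step that shugo's reply questions. The names SafeIntern and SymbolTableFrozen are assumed for illustration.

```ruby
# Added example, not code from the ticket or from Ruby: an application-level
# stand-in for Symbol.freeze_symbols. SafeIntern/SymbolTableFrozen are invented.

class SymbolTableFrozen < StandardError; end

class SafeIntern
  def initialize
    @allowed = {}    # String => Symbol, filled during boot
    @frozen  = false
  end

  # Boot-time registration of every symbol the application expects to use.
  def register(*names)
    raise SymbolTableFrozen, "symbol table is frozen" if @frozen
    names.each { |n| @allowed[n.to_s] = n.to_sym }
    self
  end

  # After this, lookups are read-only: shareable across threads, no thaw step.
  def freeze_symbols
    @frozen = true
    @allowed.freeze
    self
  end

  # Intern untrusted text only if registered; otherwise raise, never to_sym.
  def intern(str)
    sym = @allowed[str.to_s]
    return sym if sym
    raise SymbolTableFrozen, "unknown symbol #{str.inspect}" if @frozen
    register(str).intern(str)
  end

  # Symbolize request-style keys; unknown keys are returned for logging/drop.
  def symbolize_keys(params)
    known, rejected = {}, []
    params.each do |k, v|
      sym = @allowed[k.to_s]
      if sym then known[sym] = v else rejected << k end
    end
    [known, rejected]
  end
end

table = SafeIntern.new.register(:id, :name).freeze_symbols
# Constructed attacker-style input: random keys that must not become symbols.
p table.symbolize_keys("id" => 1, "name" => "x", "zzq9a" => 1, "k8f3" => 1)
```

The `p` call prints the known pairs `{id: 1, name: "x"}` and the rejected keys `["zzq9a", "k8f3"]`, none of which were interned.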