Hi,

At Sat, 15 Jul 2006 01:42:31 +0900,
Justin Bailey wrote in [ruby-core:08226]:
> > Since the result string will be tainted, so the original string
> > also will be tainted implicitly.  But now I about to think it
> > should be tainted too.
> 
> Does that mean unpacking from nested pointers will work and I was seeing a
> security error  previously? Or does this just tighten up the "tainting"
> model?

The latter.  And I feel wrong to leave the original not tainted
now, though not sure whether it can cause any vulnerability.

-- 
Nobu Nakada