Hi all,
setting the $SAFE-level down from 3 to 2 let's you now do things such as:
- eval()
- extend/modify classes such as Class and Module (*)
- use "require"
etc.
As some of these features (namely (*)) would have "polluted" the
longrunning mod-ruby-environment, I decided to switch to plain cgi. I
didn't notice a big decrease in speed though. 

The following commands are still suppressed (i.e. we effectively have a
level of 2.5): - exec
- system
- x%{}
- ``
- File- and Dir-commands
 
Especially "Programming Ruby"-INTERACTIVE
(http://www.ruby.ch/en/rubybookonline.shtml) does profit from this
*softening*. You should now be able to test allmost all code snippets! 

I did quite some testing with my Ruby-SANDBOX, but there is (of course)
still a chance for security holes. I appreciate you trying to detect
these holes, but I urge you to not "hurt" my Linux-Baby but rather inform
me about any security hole immediately.  This should be in the interest
of everybody using this site. If the "real ruby-gurus" (Matz, Guy(ts),
Dave, Robert, Conrad and and and...) out there don't find any, I regard
the sanbox as SECURE and will then put it into the RAA. 

Any comments are welcome!

Regards
Clemens
(greetings from Walter Webcoder ;-))