> aurelianito wrote:
> > I want to say things like evil.rb code can write to "evil.log" but to
> > nothing else.
> > How can use threads to say this kind of things with threads?
> >
>
> require 'thread'
>
> write_queue = Queue.new
>
> safe_thread = Thread.new do
>   $SAFE = 4
>   data = "some data"
>   write_queue << data
> end
>
>
> write_thread = Thread.new do
>   loop do
>     data = write_queue.pop
>     puts data # or write to "evil.log"
>   end
> end
>
> sleep 0.1

I would like to be able to write standard ruby code to do it. I mean,
use File to open a file and that's it.
I want to state the capabilities in a declarative way:
evil.rb can only write evil.log
good_and_dumb.rb can write everything.
another_even_more_evil.rb can't write anything anywhere.

And I want to be able to write this code:

good_and_dumb.rb:
require 'evil'
require 'another_even_more_evil'

a = method_defined_in_evil()
b = method_defined_in_another_even_more_evil( a )
puts b

And take no security risks. It's a difficult project, but I think it's
a good way to learn the ruby internals.

I hope this stops people from suggesting clever hacks (like the one you
just made). It's not about the clever hack. It's about how do I declare
it properly and enforce it.

Thank's for your time, and your patience,
Aureliano.