> I didn't write it or have anything to do with it, but it's
> done because *anybody* can inject Ruby code into your
> program.

If /tmp is a sticky directory (it is) and /tmp/$APP.$$.tmp is
owned by me (it is) and I'm the only person able to add or
alter files in it (I am), how can somebody else, let alone
*anybody*, inject Ruby code in my application?

I logged on as a different user and tried to corrupt, move,
delete and alter the temporary tree of a running application. I
couldn't.

> I really can't think of a valid reason why you'd put a
> library file into such a directory and include that directory
> in your PATH.

But I can... If you create temporary files in your application,
you can use /tmp. Well, you *should* use /tmp. It's invented
for exactly that. Even when it is a temporary library file or
an embedded application which is extracted to /tmp/$APP.$$.tmp.

> Looking at your examples below you've basically opened the
> gates of hell by putting /tmp in your PATH. Simply don't do
> this.

Did I say that I added /tmp in my path? I didn't add /tmp in my
path. Though I did add /tmp/$APP.$$.tmp/bin in my path. But
that directory is owned by me and /tmp is very sticky. What's
the problem?

(I skipped the rest of your message, which was based on
assumptions...)

> Anyway, the way you're doing things is going to cause you
> major problems.

If so, please explain.

Thanks.

gegroet,
Erik V. - http://www.erikveen.dds.nl/