Une Bue wrote:
> print FileTest.exist?("/Users/yt/man/eruby.html") #without variable

 Try with

  puts file.tainted?
  puts "/Users/yt/man/eruby.html".tainted?

> /Users/yt/Sites/ruby/man-receive.rbx:54:in `exist?': Insecure operation
> - exist? (SecurityError)

 man-receive.rbx run with '$SAFE = 1' and it's a security error to use
 FileTest#exist? with a tainted object at this level

vgs% ruby -e 'name ="./ruby".taint; p FileTest.exist?(name)'
true
vgs%
 
vgs% ruby -e '$SAFE = 1; name ="./ruby".taint; p FileTest.exist?(name)'
-e:1:in `exist?': Insecure operation - exist? (SecurityError)
	from -e:1
vgs% 


Guy Decoux