Yukihiro Matsumoto wrote:
> |I'd like to hear from Matz, or someone who knows one way or the other,
> |which way is the "proper" Ruby way?  Should taintedness be inherited or
> |not?
> 
> I didn't really get what you meant by "taintedness inheritence".
> Taintedness is an attribute of each instance of classes.
> 
> Could you explain what is design decision of your library?

Yes.

  a = "Sean"
  a.taint
  b = "Russell"
  c = a + b
  c.tainted?          #-> true
  a = [1]
  a.taint
  b = [2]
  c = a + b
  c.tainted?          #-> false

In fact, as far as I can tell, Strings are the only things where taintedness 
is "inherited" to other objects derived from tainted objects.

REXML reads strings from various sources.  These strings can be tained.  
However, because of how REXML does encoding support, taintedness gets lost.  
It isn't clear to me, from the behavior of Ruby or any other documentation, 
what the Standard Operating Procedure regarding taintedness inheritance is.  
What are the guidelines?  When deriving new objects from other objects, 
should the taintedness be "inherited"?  If so, why do most objects not do 
so?  If not, why do Strings do so?

Thanks!

--- SER