>>>>> "D" == Daniel Berger <djberg96 / attbi.com> writes: D> Oh, and thanks Guy. Perhaps a cookbook entry? Not a cookbook entry but I'll say you why in this case eval is evil Imagine that you have this module pigeon% cat hab.rb module Hab def biv(attributes) attributes.each do |k, v| name = k.id2name instance_eval(<<-EOS) class << self attr_accessor :#{name} end EOS send("#{name}=", v) end end end pigeon% because you find it usefull, you always use it and one day you'll write pigeon% cat b.rb #!/usr/bin/ruby require 'hab' class A include Hab end Thread.new do $SAFE = 3 a = A.new a.biv(:aaa => 12) p a.aaa end.join pigeon% pigeon% b.rb ./hab.rb:5:in `instance_eval': Insecure operation - instance_eval (SecurityError) from ./b.rb:7:in `join' from ./b.rb:7 pigeon% You have an usefull module, but this module is just useless because it can't be used with $SAFE = 3. Now rewrite it pigeon% cat hab.rb module Hab def biv(attributes) attributes.each do |k, v| type.send(:attr_accessor, k) send("#{k}=", v) end end end pigeon% pigeon% cat b.rb #!/usr/bin/ruby require 'hab' class A include Hab end Thread.new do $SAFE = 3 a = A.new a.biv(:aaa => 12) p a.aaa end.join pigeon% pigeon% b.rb 12 pigeon% This module do the same thing and it still work with $SAFE = 3. Each time that you use #eval means that you'll not be able to use your module with $SAFE = 3 Guy Decoux