>>>>> "R" == \"RayZ\" Andrew V Rumm <RayZ> writes:

R> SomeFile = File.new("someFileName", "w")

 "someFileName" is probably tainted because it came from the outside. You
 must *carefully* verify that it's a valid filename and that you can use
 the filename *safely* before trying to untaint it.


Guy Decoux