Hallo Kengo,

nakajima kengo writes:
> Hello Clemens,
> 
>   I guess your program will process source code read from network , or
> input by users. In this case you don't want to trust whole external ruby
> script, do you?  As discussed in another ruby Mailing List, whose name

something like that... I want to embed the interpreter to allow my
application to call a script, to define some helper methods using Ruby
(the kind of task, Tcl was originally invented for :-). But I want not
to allow such scripts to do any dangerous things with the system.

> is ruby-list, you can specify an option '-T3' to ruby interpreter to
> meet your need.
>  There are also -T1, -T2, and -T4 options. By using '-T3' security level,
> you can disable almost all effective system calls called in the script.

Great hint! And what will -T4 do?

> I strongly recommend you to read the ML archive and an official Ruby
> book which is just released last month. But both the mail archive and
> the book are written in Japanese. I think it's a real problem, isnt it?

Oh yes! Unfortunately it is...

> 
>   If you strongly want to read the discussion about the security options
> and articles in the book, I'll translate it for you. Maybe matz is
> too busy to do it....

Thanks for your offer. But I think, it will not be necessary. Your
hint should be enough! Thanks :-)))))

>  And, I wish I had enough spare time to translate the whole book into
> English!!!

And I wish, I could Japanese to translate it... ;-)

> 
> Kengo Nakajima

\cle