Hallo Kengo, nakajima kengo writes: > Hello Clemens, > > I guess your program will process source code read from network , or > input by users. In this case you don't want to trust whole external ruby > script, do you? As discussed in another ruby Mailing List, whose name something like that... I want to embed the interpreter to allow my application to call a script, to define some helper methods using Ruby (the kind of task, Tcl was originally invented for :-). But I want not to allow such scripts to do any dangerous things with the system. > is ruby-list, you can specify an option '-T3' to ruby interpreter to > meet your need. > There are also -T1, -T2, and -T4 options. By using '-T3' security level, > you can disable almost all effective system calls called in the script. Great hint! And what will -T4 do? > I strongly recommend you to read the ML archive and an official Ruby > book which is just released last month. But both the mail archive and > the book are written in Japanese. I think it's a real problem, isnt it? Oh yes! Unfortunately it is... > > If you strongly want to read the discussion about the security options > and articles in the book, I'll translate it for you. Maybe matz is > too busy to do it.... Thanks for your offer. But I think, it will not be necessary. Your hint should be enough! Thanks :-))))) > And, I wish I had enough spare time to translate the whole book into > English!!! And I wish, I could Japanese to translate it... ;-) > > Kengo Nakajima \cle