>>In ruby, we can use the ruby parser itself.
>(snip)
>>Note that you should only use this method if the person who writes the
>>config file is trusted, since that person can specify arbitrary code for
>>the program to execute.
>
>And for that reason, I would personally avoid 
>this approach. I don't trust anyone that much.

Well, you probably trust the person who wrote the original program that much
(since you are running her code). And you probably trust yourself. And matz.

Also note that many other programs have security that depend on trusted
config-files, for example firewalls. If someone can edit the config file
of your firewall, you are in trouble.

Powerful config-files are only a problem when the access rights to the
config-files are more permissive than the access rights to the executable.

But if you are not lazy (like me) then I certainly agree that it is better
security-wise to use less powerful config files. The risk that you will
mess up is smaller.

Wouldn't it be nice if eval's could be sandboxed?

// Niklas