📄 2.10.htm
字号:
<TR>
<TD height=15> </TD></TR>
<TR>
<TD class=v2 vAlign=top><A
href="http://proquest.safaribooksonline.com/JVXSL.asp?x=1&mode=print&sortKey=title&sortOrder=asc&view=&xmlid=0-59600-214-9/ruby-CHP-2-SECT-10&open=false&catid=&s=1&b=1&f=1&t=1&c=1&u=1"
target=_new><IMG height=12 src="2.10.files/img_print.gif"
width=14 align=textTop border=0></A> <A class=v2
title="Printer-friendly version of this section"
href="http://proquest.safaribooksonline.com/JVXSL.asp?x=1&mode=print&sortKey=title&sortOrder=asc&view=&xmlid=0-59600-214-9/ruby-CHP-2-SECT-10&open=false&catid=&s=1&b=1&f=1&t=1&c=1&u=1"
target=_new>Print</A> <A
href="http://proquest.safaribooksonline.com/JVXSL.asp?x=1&mode=email&sortKey=title&sortOrder=asc&view=&xmlid=0-59600-214-9/ruby-CHP-2-SECT-10&open=false&catid=&s=1&b=1&f=1&t=1&c=1&u=1"><IMG
height=9 hspace=3 src="2.10.files/img_email.gif" width=15
align=absMiddle border=0></A> <A class=v2
title="E-Mail this section"
href="http://proquest.safaribooksonline.com/JVXSL.asp?x=1&mode=email&sortKey=title&sortOrder=asc&view=&xmlid=0-59600-214-9/ruby-CHP-2-SECT-10&open=false&catid=&s=1&b=1&f=1&t=1&c=1&u=1">E-Mail</A>
<A
href="http://proquest.safaribooksonline.com/JVXSL.asp?x=1&mode=bookmark&sortKey=title&sortOrder=asc&view=&xmlid=0-59600-214-9/ruby-CHP-2-SECT-10&open=false&catid=&s=1&b=1&f=1&t=1&c=1&u=1"><IMG
height=14 hspace=3 src="2.10.files/img_bookmarks.gif" width=6
align=absMiddle border=0></A> <A class=v2
title="Add a bookmark about this section"
href="http://proquest.safaribooksonline.com/JVXSL.asp?x=1&mode=bookmark&sortKey=title&sortOrder=asc&view=&xmlid=0-59600-214-9/ruby-CHP-2-SECT-10&open=false&catid=&s=1&b=1&f=1&t=1&c=1&u=1">Add
Bookmark</A></TD>
<TD class=v2 vAlign=top align=right> <A
href="http://proquest.safaribooksonline.com/JVXSL.asp?x=1&mode=section&sortKey=title&sortOrder=asc&view=&xmlid=0-59600-214-9/ruby-CHP-2-SECT-9&open=false&catid=&s=1&b=1&f=1&t=1&c=1&u=1"><IMG
height=16 src="2.10.files/btn_prev.gif" width=56
align=absMiddle border=0></A> <A
href="http://proquest.safaribooksonline.com/JVXSL.asp?x=1&mode=section&sortKey=title&sortOrder=asc&view=&xmlid=0-59600-214-9/ruby-CHP-3&open=false&catid=&s=1&b=1&f=1&t=1&c=1&u=1"><IMG
height=16 src="2.10.files/btn_next.gif" width=41
align=absMiddle border=0></A></TD></TR></TBODY></TABLE>
<HR SIZE=1>
<TABLE cellSpacing=0 cellPadding=5 width="100%" border=0>
<TBODY>
<TR>
<TD vAlign=top width=67 rowSpan=3><IMG
src="2.10.files/ruby_xs.gif" width=67 border=0></TD>
<TD class=v2 vAlign=top><A class=v1
href="http://proquest.safaribooksonline.com/JVXSL.asp?x=1&mode=section&sortKey=title&sortOrder=asc&view=&xmlid=0-59600-214-9&open=false&catid=&s=1&b=1&f=1&t=1&c=1&u=1&srchText=">Ruby
in a Nutshell</A><BR>By Yukihiro Matsumoto<BR></TD></TR>
<TR>
<TD class=v2> </TD></TR>
<TR>
<TD class=t1 vAlign=bottom>Chapter 2. Language
Basics</TD></TR></TBODY></TABLE>
<HR SIZE=1>
<BR>
<TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>
<TBODY>
<TR>
<TD vAlign=top><A name=ruby-CHP-2-SECT-10></A>
<H3 class=docSection1Title>2.10 Security</H3><A
name=ruby-IDXTERM-377></A>
<P class=docText>Ruby is portable and can easily use code
distributed across a network. This property gives you
tremendous power and flexibility but introduces a commensurate
burden: how do you use this capability without possibly
causing damage? </P>
<P class=docText><A name=IXT-2-127128></A>Part of the answer
lies in Ruby's security system, which allows you to "lock
down" the Ruby environment when executing code that may be
suspect. Ruby calls such data and code <I>tainted</I>. This
feature introduces mechanisms that allow you to decide how and
when potentially "dangerous" data or code can be used inside
your Ruby scripts. </P><A name=ruby-CHP-2-SECT-10.1></A>
<H4 class=docSection2Title>2.10.1 Restricted Execution</H4>
<P class=docText><A name=IXT-2-127129></A><A
name=IXT-2-127130></A><A name=IXT-2-127131></A><A
name=IXT-2-127132></A><A name=IXT-2-127133></A>Ruby can
execute programs with <SPAN class=docEmphasis>security
checking</SPAN> turned on. The global variable <TT>$SAFE</TT>
determines the level of the security check. The default safe
level is 0, unless specified explicitly by the command-line
option <TT>-T</TT>, or the Ruby script is run <TT>setuid</TT>
or <TT>setgid</TT>. </P>
<P class=docText><TT>$SAFE</TT> can be altered by assignment,
but it isn't possible to lower the value of it: </P><PRE>$SAFE=1 # upgrade the safe level
$SAFE=4 # upgrade the safe level even higher
$SAFE=0 # SecurityError! you can't do it</PRE>
<P class=docText><TT>$SAFE</TT><A name=IXT-2-127134></A> is
thread local; in other words, the value of <TT>$SAFE</TT> in a
thread may be changed without affecting the value in other
threads. Using this feature, threads can be sandboxed for
untrusted programs. </P><PRE>Thread::start { # starting "sandbox" thread
$SAFE = 4 # for this thread only
... # untrusted code
}</PRE><A name=ch02-90-fm2xml></A>
<TABLE cellPadding=5 width=515 border=0>
<TBODY>
<TR>
<TD align=left><B><I>Level 0 </I></B></TD>
<TD align=right></TD></TR></TBODY></TABLE>
<HR align=left width=515 color=black noShade SIZE=3>
<TABLE cellPadding=5 width=515 border=0>
<TBODY>
<TR>
<TD align=left></TD>
<TD align=right></TD></TR></TBODY></TABLE>
<P class=docText>Level 0 is the default safe level. No checks
are performed on tainted data. </P>
<P class=docText><A name=IXT-2-127135></A><A
name=IXT-2-127136></A><A name=IXT-2-127137></A><A
name=IXT-2-127138></A>Any externally supplied string from
<TT>IO</TT>, environment variables, and <TT>ARGV</TT> is
automatically flagged as tainted. </P>
<P class=docText><A name=IXT-2-127139></A>The environment
variable <TT>PATH</TT> is an exception. Its value is checked,
and tainted only if any directory in it is writable by
everybody. </P><A name=ch02-91-fm2xml></A><A
name=IXT-2-127140></A><A name=IXT-2-127141></A><A
name=IXT-2-127142></A><A name=IXT-2-127143></A><A
name=IXT-2-127144></A><A name=IXT-2-127145></A><A
name=IXT-2-127146></A><A name=IXT-2-127147></A><A
name=IXT-2-127148></A><A name=IXT-2-127149></A><A
name=IXT-2-127150></A><A name=IXT-2-127151></A><A
name=IXT-2-127152></A><A name=IXT-2-127153></A><A
name=IXT-2-127154></A><A name=IXT-2-127155></A><A
name=IXT-2-127156></A><A name=IXT-2-127157></A><A
name=IXT-2-127158></A><A name=IXT-2-127159></A>
<TABLE cellPadding=5 width=515 border=0>
<TBODY>
<TR>
<TD align=left><B><I>Level 1</I></B></TD>
<TD align=right></TD></TR></TBODY></TABLE>
<HR align=left width=515 color=black noShade SIZE=3>
<TABLE cellPadding=5 width=515 border=0>
<TBODY>
<TR>
<TD align=left></TD>
<TD align=right></TD></TR></TBODY></TABLE>
<P class=docText><A name=IXT-2-127140></A>In this level,
potentially dangerous operations using tainted data are
forbidden. This is a suitable level for programs that handle
untrusted input, such as CGI. </P>
<UL>
<LI>
<P class=docList><A name=IXT-2-127141></A><A
name=IXT-2-127142></A>Environment variables <TT>RUBYLIB</TT>
and <TT>RUBYOPT</TT> are ignored at startup. </P>
<LI>
<P class=docList><A name=IXT-2-127143></A><A
name=IXT-2-127144></A>Current directory (.) isn't included
in <TT>$LOAD_PATH</TT>. </P>
<LI>
<P class=docList><A name=IXT-2-127145></A><A
name=IXT-2-127146></A><A name=IXT-2-127147></A><A
name=IXT-2-127148></A><A name=IXT-2-127149></A><A
name=IXT-2-127150></A><A name=IXT-2-127151></A>The
command-line options <TT>-e</TT>, <TT>-i</TT>, <TT>-I</TT>,
<TT>-r</TT>, <TT>-s</TT>, <TT>-S</TT>, and <TT>-X</TT> are
prohibited. </P>
<LI>
<P class=docList>Process termination if the environment
variable <TT>PATH</TT> is tainted. </P>
<LI>
<P class=docList><A name=IXT-2-127152></A><A
name=IXT-2-127153></A><A name=IXT-2-127154></A>Invoking
methods and class methods of <TT>Dir</TT>, <TT>IO</TT>,
<TT>File</TT>, and <TT>FileTest</TT> for tainted arguments
is prohibited. </P>
<LI>
<P class=docList><A name=IXT-2-127155></A><A
name=IXT-2-127156></A><A name=IXT-2-127157></A><A
name=IXT-2-127158></A><A name=IXT-2-127159></A>Invoking
<TT>test</TT>, <TT>eval</TT>, <TT>require</TT>,
<TT>load</TT>, and <TT>trap</TT> methods for tainted
argument is prohibited. </P></LI></UL><A
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -