tfpt review "/shelveset:19compat;REDMOND\tomat" Comment : Adds LibraryPath19 option. This option allows to set paths to 1.9 libs and is used in -1.9 mode. Implements Kernel#trusted?, Kernel#trust, Kernel#untrust. The flag is always settable and not checked anywhere as we don''t support Ruby''s security model. Fixes Array#fill overload ambiguity. Fixes Array#== and Hash#== to handle recursive structures properly. Tomas
I know I''m a bit late but I have a question.> Implements Kernel#trusted?, Kernel#trust, Kernel#untrust. The flag is always settable and not checked anywhere as we don''t support Ruby''s security model.Since IR doesn''t support Ruby''s security model, does this mean that (for example) it''s really OK to have Object#clone not preserving the untrusted state of an object or having Kernel#trust and Kernel#untrust not raising an exception if an object is frozen, like happen on MRI 1.9? On Mon, Jul 19, 2010 at 22:35, Tomas Matousek <Tomas.Matousek at microsoft.com> wrote:> ?tfpt review "/shelveset:19compat;REDMOND\tomat" > ?Comment ?: > ?Adds LibraryPath19 option. This option allows to set paths to 1.9 libs and is used in -1.9 mode. > ?Implements Kernel#trusted?, Kernel#trust, Kernel#untrust. The flag is always settable and not checked anywhere as we don''t support Ruby''s security model. > ?Fixes Array#fill overload ambiguity. > ?Fixes Array#== and Hash#== to handle recursive structures properly. > > Tomas > > _______________________________________________ > Ironruby-core mailing list > Ironruby-core at rubyforge.org > http://rubyforge.org/mailman/listinfo/ironruby-core > >-- Daniele Alessandri http://clorophilla.net/ http://twitter.com/JoL1hAHN
The behavior differences you describe should be fixed. This doesn''t mean though that you should base any security related decisions upon flags like tainted and untrusted. We are giving no security guarantees based upon these flags. The only security barriers are those defined by CLR security system. Tomas -----Original Message----- From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Daniele Alessandri Sent: Friday, August 20, 2010 8:25 AM To: ironruby-core at rubyforge.org Subject: Re: [Ironruby-core] Code Review: 19compat I know I''m a bit late but I have a question.> Implements Kernel#trusted?, Kernel#trust, Kernel#untrust. The flag is always settable and not checked anywhere as we don''t support Ruby''s security model.Since IR doesn''t support Ruby''s security model, does this mean that (for example) it''s really OK to have Object#clone not preserving the untrusted state of an object or having Kernel#trust and Kernel#untrust not raising an exception if an object is frozen, like happen on MRI 1.9? On Mon, Jul 19, 2010 at 22:35, Tomas Matousek <Tomas.Matousek at microsoft.com> wrote:> ?tfpt review "/shelveset:19compat;REDMOND\tomat" > ?Comment ?: > ?Adds LibraryPath19 option. This option allows to set paths to 1.9 libs and is used in -1.9 mode. > ?Implements Kernel#trusted?, Kernel#trust, Kernel#untrust. The flag is always settable and not checked anywhere as we don''t support Ruby''s security model. > ?Fixes Array#fill overload ambiguity. > ?Fixes Array#== and Hash#== to handle recursive structures properly. > > Tomas > > _______________________________________________ > Ironruby-core mailing list > Ironruby-core at rubyforge.org > http://rubyforge.org/mailman/listinfo/ironruby-core > >-- Daniele Alessandri http://clorophilla.net/ http://twitter.com/JoL1hAHN _______________________________________________ Ironruby-core mailing list Ironruby-core at rubyforge.org http://rubyforge.org/mailman/listinfo/ironruby-core
OK thanks. I supposed it was just like for the taint status but the "always settable and not checked anywhere" made me wonder if there was something else. On Fri, Aug 20, 2010 at 18:15, Tomas Matousek <Tomas.Matousek at microsoft.com> wrote:> The behavior differences you describe should be fixed. This doesn''t mean though that you should base any security related decisions upon flags like tainted and untrusted. > We are giving no security guarantees based upon these flags. The only security barriers are those defined by CLR security system. > > Tomas > > -----Original Message----- > From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Daniele Alessandri > Sent: Friday, August 20, 2010 8:25 AM > To: ironruby-core at rubyforge.org > Subject: Re: [Ironruby-core] Code Review: 19compat > > I know I''m a bit late but I have a question. > >> ?Implements Kernel#trusted?, Kernel#trust, Kernel#untrust. The flag is always settable and not checked anywhere as we don''t support Ruby''s security model. > > Since IR doesn''t support Ruby''s security model, does this mean that (for example) it''s really OK to have Object#clone not preserving the untrusted state of an object or having Kernel#trust and Kernel#untrust not raising an exception if an object is frozen, like happen on MRI 1.9? > > > On Mon, Jul 19, 2010 at 22:35, Tomas Matousek <Tomas.Matousek at microsoft.com> wrote: >> ?tfpt review "/shelveset:19compat;REDMOND\tomat" >> ?Comment ?: >> ?Adds LibraryPath19 option. This option allows to set paths to 1.9 libs and is used in -1.9 mode. >> ?Implements Kernel#trusted?, Kernel#trust, Kernel#untrust. The flag is always settable and not checked anywhere as we don''t support Ruby''s security model. >> ?Fixes Array#fill overload ambiguity. >> ?Fixes Array#== and Hash#== to handle recursive structures properly. >> >> Tomas >> >> _______________________________________________ >> Ironruby-core mailing list >> Ironruby-core at rubyforge.org >> http://rubyforge.org/mailman/listinfo/ironruby-core >> >> > > > > -- > Daniele Alessandri > http://clorophilla.net/ > http://twitter.com/JoL1hAHN > _______________________________________________ > Ironruby-core mailing list > Ironruby-core at rubyforge.org > http://rubyforge.org/mailman/listinfo/ironruby-core > _______________________________________________ > Ironruby-core mailing list > Ironruby-core at rubyforge.org > http://rubyforge.org/mailman/listinfo/ironruby-core >-- Daniele Alessandri http://clorophilla.net/ http://twitter.com/JoL1hAHN