Name
Level 4
Synopsis
In this level, modification of global data is forbidden, in addition
to all restrictions in Level 3. eval
is allowed
again in this level, since all dangerous operations are blocked in
this level.
def safe_eval(str) Thread::start { # start sandbox thread $SAFE = 4 # upgrade safe level eval(str) # eval in the sandbox }.value # retrieve result end eval('1 + 1') # => 2 eval('system "rm -rf /"') # SecurityError
The following operations are prohibited:
Object#taint
autoload
,load
, andinclude
Modifying
Object
classModifying untainted objects
Modifying untainted classes or modules
Retrieving meta information (e.g., variable list)
Manipulating instance variables
Manipulating threads other than current
Accessing thread local data
Terminating process (by
exit
,abort
)File input/output
Modifying environment variables
srand
Get Ruby in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.