ruby.git/lib/tmpdir.rb, branch v3_0_4 The Ruby Programming Language Make usable chars more strict 2021-04-05T11:06:22+00:00 Nobuyoshi Nakada nobu@ruby-lang.org 2021-03-31T16:17:45+00:00 3b97a6496f35efbc6aef9aef2bd1fe87e6b5d158 Remove other than alphanumeric and some punctuations considered filesystem-safe, instead of removing some unsafe chars only. https://hackerone.com/reports/1131465 
Remove other than alphanumeric and some punctuations considered
filesystem-safe, instead of removing some unsafe chars only.

https://hackerone.com/reports/1131465
[ruby/tmpdir] Warn when environment variables skipped (fixes #2) 2020-09-14T09:22:37+00:00 Nobuyoshi Nakada nobu@ruby-lang.org 2020-07-16T08:45:08+00:00 edb5c67195129e1d10f329edb55e486e1874b20e https://github.com/ruby/tmpdir/commit/af7b020a89 
https://github.com/ruby/tmpdir/commit/af7b020a89
Correctly remove temporary directory if path yielded is mutated 2020-05-29T14:06:46+00:00 Jeremy Evans code@jeremyevans.net 2020-05-29T02:49:10+00:00 2ecfb88ee50510955acd3ae9fc94a5f109e7f109 Another approach would be to freeze the string, but that could cause backwards compatibility issues. Fixes [Bug #16918] 
Another approach would be to freeze the string, but that could
cause backwards compatibility issues.

Fixes [Bug #16918]
Isolate the PRNG for tmpdir/tempfile 2020-01-29T01:14:15+00:00 Nobuyoshi Nakada nobu@ruby-lang.org 2020-01-29T01:12:35+00:00 98f6c74b429f9e8afccb000da4a50920479dffd6 To get rid of conflicts affected by `srand`. 
To get rid of conflicts affected by `srand`.
Warn on access/modify of $SAFE, and remove effects of modifying $SAFE 2019-11-17T23:00:25+00:00 Jeremy Evans code@jeremyevans.net 2019-09-21T02:06:22+00:00 c5c05460ac20abcbc0ed686eb4acf06da7a39a79 This removes the security features added by $SAFE = 1, and warns for access or modification of $SAFE from Ruby-level, as well as warning when calling all public C functions related to $SAFE. This modifies some internal functions that took a safe level argument to no longer take the argument. rb_require_safe now warns, rb_require_string has been added as a version that takes a VALUE and does not warn. One public C function that still takes a safe level argument and that this doesn't warn for is rb_eval_cmd. We may want to consider adding an alternative method that does not take a safe level argument, and warn for rb_eval_cmd. 
This removes the security features added by $SAFE = 1, and warns for access
or modification of $SAFE from Ruby-level, as well as warning when calling
all public C functions related to $SAFE.

This modifies some internal functions that took a safe level argument
to no longer take the argument.

rb_require_safe now warns, rb_require_string has been added as a
version that takes a VALUE and does not warn.

One public C function that still takes a safe level argument and that
this doesn't warn for is rb_eval_cmd.  We may want to consider
adding an alternative method that does not take a safe level argument,
and warn for rb_eval_cmd.
Fix keyword argument separation issues in lib 2019-08-30T19:39:31+00:00 Jeremy Evans code@jeremyevans.net 2019-04-07T23:44:49+00:00 d08e1004e0ee1286e4513de2a170391a4d0a0116 Mostly requires adding ** in either calls or method definitions. 
Mostly requires adding ** in either calls or method definitions.
Constified unusable chars 2019-06-21T14:04:34+00:00 Nobuyoshi Nakada nobu@ruby-lang.org 2019-06-21T14:03:36+00:00 1c7e303b26090205f393595f15dadddd4b2d31b6 






tmpdir.rb: permission of user given directory
2019-01-23T06:06:47+00:00

nobu
nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e

2019-01-23T06:06:47+00:00

1fae154c07b957278fd336b54256d5c57f21e0d5

* lib/tmpdir.rb (Dir.mktmpdir): check if the permission of the
  parent directory only when using the default temporary
  directory, and no check against user given directory.  the
  security is the user's responsibility in that case.
  [ruby-core:91216] [Bug #15555]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66909 b2dd03c8-39d4-4d8f-98ff-823fe69b080e





* lib/tmpdir.rb (Dir.mktmpdir): check if the permission of the
  parent directory only when using the default temporary
  directory, and no check against user given directory.  the
  security is the user's responsibility in that case.
  [ruby-core:91216] [Bug #15555]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66909 b2dd03c8-39d4-4d8f-98ff-823fe69b080e







Ignore file separator from tmpfile/tmpdir name.
2018-03-28T10:03:03+00:00

hsbt
hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e

2018-03-28T10:03:03+00:00

10b96900b90914b0cc1dba36f9736c038db2859d

From: SHIBATA Hiroshi <hsbt@ruby-lang.org>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62990 b2dd03c8-39d4-4d8f-98ff-823fe69b080e





From: SHIBATA Hiroshi <hsbt@ruby-lang.org>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62990 b2dd03c8-39d4-4d8f-98ff-823fe69b080e







tmpdir.rb: merged make_tmpname to create
2017-11-15T08:02:09+00:00

nobu
nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e

2017-11-15T08:02:09+00:00

25d56ea7b7b52dc81af30c92a9a0e2d2dab6ff27

* lib/tmpdir.rb (Dir::Tmpname#create): try conversion of prefix
  and suffix just once before loop.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60775 b2dd03c8-39d4-4d8f-98ff-823fe69b080e





* lib/tmpdir.rb (Dir::Tmpname#create): try conversion of prefix
  and suffix just once before loop.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60775 b2dd03c8-39d4-4d8f-98ff-823fe69b080e