ruby.git/spec/ruby/security, branch ruby_2_7 The Ruby Programming Language Deprecate taint/trust and related methods, and make the methods no-ops 2019-11-17T23:00:25+00:00 Jeremy Evans code@jeremyevans.net 2019-09-25T03:59:12+00:00 ffd0820ab317542f8780aac475da590a4bdbc7a8 This removes the related tests, and puts the related specs behind version guards. This affects all code in lib, including some libraries that may want to support older versions of Ruby. 
This removes the related tests, and puts the related specs behind
version guards.  This affects all code in lib, including some
libraries that may want to support older versions of Ruby.
Removed trial and errors 2019-11-09T14:00:32+00:00 Nobuyoshi Nakada nobu@ruby-lang.org 2019-11-09T14:00:32+00:00 03fdf02321d4ac3123fb6908e7be53e232a92b67 






Specify the permission
2019-11-09T13:40:14+00:00

Nobuyoshi Nakada
nobu@ruby-lang.org

2019-11-09T13:40:14+00:00

a68205c5c19277e9ece8409b1f6af7e226989dff

To make the temporary directory non-writable by group and others.





To make the temporary directory non-writable by group and others.







Fixed the debug print
2019-11-09T13:15:15+00:00

Nobuyoshi Nakada
nobu@ruby-lang.org

2019-11-09T13:15:15+00:00

774cfb065567d07c4cf172cbb1708acda5e0fde4












Debug-print tmpdir info
2019-11-09T12:59:07+00:00

Nobuyoshi Nakada
nobu@ruby-lang.org

2019-11-09T12:58:55+00:00

20bc038ea31ee799103bb89068537ed4e4f699b4












Add debug print
2019-11-09T07:45:27+00:00

Kazuhiro NISHIYAMA
zn@mbf.nifty.com

2019-11-09T07:43:47+00:00

352096ef6047538bfedb974a7c1b1156f5a0e811












Try to fix test-spec failure on macOS
2019-11-08T15:25:28+00:00

Yusuke Endoh
mame@ruby-lang.org

2019-11-08T15:22:25+00:00

9deca1a3b91271159e164188367f003978737f42

Not sure what is happening, but spec/ruby/security/cve_2018_6914_spec.rb
fails on macOS.
https://github.com/ruby/ruby/runs/294462511#step:10:134

I suspect that the state of a directory is weird immediately after it is
created (not writable or even world writable?).  This change tries to
make sure that ENV["TMPDIR"] is actually used by Dir.tmpdir.





Not sure what is happening, but spec/ruby/security/cve_2018_6914_spec.rb
fails on macOS.
https://github.com/ruby/ruby/runs/294462511#step:10:134

I suspect that the state of a directory is weird immediately after it is
created (not writable or even world writable?).  This change tries to
make sure that ENV["TMPDIR"] is actually used by Dir.tmpdir.







Fix tests for CVE-2018-6914
2019-10-29T13:40:41+00:00

Nobuyoshi Nakada
nobu@ruby-lang.org

2019-10-29T13:39:30+00:00

fee5cde00be7342dc6c00d0b0a0276d09e5252e3

Since the current working directory is not involved in `Tempfile`
and `Dir.mktmpdir` (except for the last resort), it is incorrect
to derive the traversal path from it.  Also, since the rubyspec
temporary directory is created under the build directory, this is
not involved in the target method.  Fixed sporadic errors in
test-spec.





Since the current working directory is not involved in `Tempfile`
and `Dir.mktmpdir` (except for the last resort), it is incorrect
to derive the traversal path from it.  Also, since the rubyspec
temporary directory is created under the build directory, this is
not involved in the target method.  Fixed sporadic errors in
test-spec.







Update to ruby/spec@875a09e
2019-07-27T10:40:09+00:00

Benoit Daloze
eregontp@gmail.com

2019-07-27T10:40:09+00:00

5c276e1cc91c5ab2a41fbf7827af2fed914a2bc0












Update to ruby/spec@8d74d49
2019-06-27T19:02:36+00:00

Benoit Daloze
eregontp@gmail.com

2019-06-27T19:02:36+00:00

d80e44deec77678fe2d72f94c17b2409b3e794d5