* eval.c (mnew): should preserve noex as safe_level.

	* eval.c (rb_call0): tighten security check condition..


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@13387 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

3 files changed, 9 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index e7bb6db371..a3d90f5d69 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Fri Sep  7 15:50:50 2007  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* eval.c (mnew): should preserve noex as safe_level.
+
+	* eval.c (rb_call0): tighten security check condition..
+
 Fri Sep  7 15:43:43 2007  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* ext/tk/tcltklib.c (Init_tcltklib): use rb_set_end_proc().
diff --git a/eval.c b/eval.c
index fa0ed979a6..3dd107654d 100644
--- a/eval.c
+++ b/eval.c
@@ -5777,7 +5777,7 @@ rb_call0(klass, recv, id, oid, argc, argv, body, flags)
     volatile int safe = -1;
 
     if (NOEX_SAFE(flags) > ruby_safe_level &&
-	!(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) {
+	ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) {
 	rb_raise(rb_eSecurityError, "calling insecure method: %s",
 		 rb_id2name(id));
     }
@@ -9007,7 +9007,7 @@ mnew(klass, obj, id, mklass)
     data->body = body;
     data->rklass = rklass;
     data->oid = oid;
-    data->safe_level = NOEX_WITH_SAFE(0);
+    data->safe_level = NOEX_WITH_SAFE(noex);
     OBJ_INFECT(method, klass);
 
     return method;
diff --git a/version.h b/version.h
index 25a38dfe30..3ead08fa80 100644
--- a/version.h
+++ b/version.h
@@ -2,7 +2,7 @@
 #define RUBY_RELEASE_DATE "2007-09-07"
 #define RUBY_VERSION_CODE 186
 #define RUBY_RELEASE_CODE 20070907
-#define RUBY_PATCHLEVEL 93
+#define RUBY_PATCHLEVEL 94
 
 #define RUBY_VERSION_MAJOR 1
 #define RUBY_VERSION_MINOR 8