Warn on access/modify of $SAFE, and remove effects of modifying $SAFE

This removes the security features added by $SAFE = 1, and warns for access
or modification of $SAFE from Ruby-level, as well as warning when calling
all public C functions related to $SAFE.

This modifies some internal functions that took a safe level argument
to no longer take the argument.

rb_require_safe now warns, rb_require_string has been added as a
version that takes a VALUE and does not warn.

One public C function that still takes a safe level argument and that
this doesn't warn for is rb_eval_cmd.  We may want to consider
adding an alternative method that does not take a safe level argument,
and warn for rb_eval_cmd.

1 files changed, 0 insertions, 4 deletions

diff --git a/ext/win32ole/win32ole_event.c b/ext/win32ole/win32ole_event.c
index ddb5200b9a..041639af6c 100644
--- a/ext/win32ole/win32ole_event.c
+++ b/ext/win32ole/win32ole_event.c
@@ -922,10 +922,6 @@ ev_advise(int argc, VALUE *argv, VALUE self)
 
     if(!RB_TYPE_P(itf, T_NIL)) {
         pitf = StringValuePtr(itf);
-        if (rb_safe_level() > 0 && OBJ_TAINTED(itf)) {
-            rb_raise(rb_eSecurityError, "insecure event creation - `%s'",
-                     StringValuePtr(itf));
-        }
         hr = find_iid(ole, pitf, &iid, &pTypeInfo);
     }
     else {