Description of problem:
Vulnerabilities have been reported in Ruby that allow insecure operations to proceed which were not originally expected under certain safe-level restrictions.

Version-Release number of selected component (if applicable):
All versions of Ruby without any exceptions, such as 1.6.x and 1.8.x.

How reproducible:
Always

Steps to Reproduce:
1. ruby dir_jvn13947696.rb
2. ruby dir_jvn13947696_2.rb
3.

Actual results:
No exceptions.

Expected results:
$ ruby dir_jvn13947696.rb
dir_jvn13947696.rb:5:in `read': Insecure: operation on untainted Dir (SecurityError)
        from dir_jvn13947696.rb:3:in `join'
        from dir_jvn13947696.rb:3
$ ruby dir_jvn13947696_2.rb
dir_jvn13947696_2.rb:5:in `close': Insecure: can't close (SecurityError)
        from dir_jvn13947696_2.rb:3:in `join'
        from dir_jvn13947696_2.rb:3

Additional info:
This affects FC4 and FC5 as well.
Created attachment 132732 [details] testcase1
Created attachment 132733 [details] testcase2
Created attachment 132734 [details] testcase3

Forgot to mention one more.

Actual Result:
No exception.

Expected Result:
$ ruby regexp_jvn13947696.rb
regexp_jvn13947696.rb:5:in `initialize': Insecure: can't modify regexp (SecurityError)
        from regexp_jvn13947696.rb:3:in `join'
        from regexp_jvn13947696.rb:3
Fixed in:
devel - 1.8.4-11.fc6
FC-5 - 1.8.4-8.fc5
FC-4 - 1.8.4-3.fc4
ruby-1.8.4-8.fc5 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.