[#40602] [ruby-trunk - Bug #5532][Open] Compile problem for bigdecimal on cygwin — Martin Dürst <duerst@...>
14 messages
2011/11/01
[#40646] [ruby-trunk - Bug #5541][Open] Better configure error message when llvm-gcc is the default compiler — Eric Hodel <drbrain@...7.net>
10 messages
2011/11/01
[#41137] [ruby-trunk - Bug #5541][Open] Better configure error message when llvm-gcc is the default compiler
— Motohiro KOSAKI <kosaki.motohiro@...>
2011/11/18
[#40647] [ruby-trunk - Bug #5542][Open] Ruby 1.9.3-p0 changed arity on default initialization method — Joshua Ballanco <jballanc@...>
7 messages
2011/11/01
[#40682] [ruby-trunk - Bug #5542] Ruby 1.9.3-p0 changed arity on default initialization method
— Joshua Ballanco <jballanc@...>
2011/11/02
[#40648] [ruby-trunk - Feature #5543][Open] rb_thread_blocking_region() API is poorly designed — Christopher Huff <cjameshuff@...>
14 messages
2011/11/01
[#40662] Relevant methods not appearing in RDoc — Andrew Grimm <andrew.j.grimm@...>
The method Module.private_constant isn't appearing in
6 messages
2011/11/01
[#40663] Re: Relevant methods not appearing in RDoc
— Eric Hodel <drbrain@...7.net>
2011/11/01
On Nov 1, 2011, at 3:45 PM, Andrew Grimm wrote:
[#40664] Re: Relevant methods not appearing in RDoc
— Andrew Grimm <andrew.j.grimm@...>
2011/11/01
On Wed, Nov 2, 2011 at 9:55 AM, Eric Hodel <drbrain@segment7.net> wrote:
[#40684] [ruby-trunk - Feature #5555][Open] rename #include? to #includes? — Alexey Muranov <muranov@...>
20 messages
2011/11/02
[#40966] [ruby-trunk - Feature #5555] rename #include? to #includes?
— Andrew Grimm <andrew.j.grimm@...>
2011/11/12
[#43765] [ruby-trunk - Feature #5555][Rejected] rename #include? to #includes?
— "matz (Yukihiro Matsumoto)" <matz@...>
2012/03/27
[#44592] Re: [ruby-trunk - Feature #5555][Rejected] rename #include? to #includes?
— Roger Pack <rogerdpack2@...>
2012/04/24
> The basic naming for methods in standard class libraries are:
[#44602] Re: [ruby-trunk - Feature #5555][Rejected] rename #include? to #includes?
— Nikolai Weibull <now@...>
2012/04/24
On Tue, Apr 24, 2012 at 15:47, Roger Pack <rogerdpack2@gmail.com> wrote:
[#44603] Re: [ruby-trunk - Feature #5555][Rejected] rename #include? to #includes?
— Roger Pack <rogerdpack2@...>
2012/04/24
>> It always confuses me how that one defies the rule.
[#40688] [ruby-trunk - Bug #5556][Open] SIGHUP no longer ignored when sent to process group from a subprocess — Brian Ford <brixen@...>
12 messages
2011/11/02
[#40706] [ruby-trunk - Feature #5562][Open] Improvement of Windows IO performance — Hiroshi Shirosaki <h.shirosaki@...>
39 messages
2011/11/03
[#40737] [ruby-trunk - Bug #5570][Open] Encoding of environment variables on Windows — Nikolai Weibull <now@...>
11 messages
2011/11/04
[#43237] [ruby-trunk - Bug #5570][Feedback] Encoding of environment variables on Windows
— Nobuyoshi Nakada <nobu@...>
2012/03/11
[#43289] Re: [ruby-trunk - Bug #5570][Feedback] Encoding of environment variables on Windows
— "U.Nakamura" <usa@...>
2012/03/15
Hello,
[#40748] Proposal for sustainable branch maintenance — "Yuki Sonoda (Yugui)" <yugui@...>
-----BEGIN PGP SIGNED MESSAGE-----
14 messages
2011/11/05
[#40753] Re: Proposal for sustainable branch maintenance
— Trans <transfire@...>
2011/11/05
Why maintain 1.9.1 at all? I don't see the benefit. People need to
[#40751] [ruby-trunk - Feature #5574][Open] Make arrays comparable — Arnau Sanchez <rbarnau@...>
8 messages
2011/11/05
[#40770] [ruby-trunk - Feature #5578][Open] Embedded YAML for Ruby 2.0 — Thomas Sawyer <transfire@...>
17 messages
2011/11/06
[#40816] [ruby-trunk - Feature #5578] Embedded YAML for Ruby 2.0
— Kurt Stephens <ks.ruby@...>
2011/11/07
[#40806] [ruby-trunk - Feature #5583][Open] Optionally typing — Yasushi ANDO <andyjpn@...>
21 messages
2011/11/07
[#40824] [ruby-trunk - Feature #5588][Open] add negation flag (v) to Regexp — Suraj Kurapati <sunaku@...>
38 messages
2011/11/08
[#40840] A quiz: Re: Second patch attempt for PATH_MAX fix in ruby1.9.1- 1.9.3~rc1-3 — Svante Signell <svante.signell@...>
Hello,
4 messages
2011/11/08
[#40845] [Ruby 1.8 - Bug #5599][Open] YAML.load_documents — Thomas Sawyer <transfire@...>
5 messages
2011/11/08
[#40865] IO.copy_stream creates files with restrictive permissions — Eric Wong <normalperson@...>
I'm not sure if this is a bug or intended as spec.
16 messages
2011/11/09
[#41151] Re: IO.copy_stream creates files with restrictive permissions
— Tanaka Akira <akr@...>
2011/11/19
2011/11/9 Eric Wong <normalperson@yhbt.net>:
[#41166] Re: IO.copy_stream creates files with restrictive permissions
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/11/20
>> I noticed when a file name argument is passed to the IO.copy_stream, the
[#41168] Re: IO.copy_stream creates files with restrictive permissions
— Clifford Heath <clifford.heath@...>
2011/11/20
On 20/11/2011, at 5:09 PM, KOSAKI Motohiro wrote:
[#41176] Re: IO.copy_stream creates files with restrictive permissions
— Tanaka Akira <akr@...>
2011/11/21
2011/11/20 Clifford Heath <clifford.heath@gmail.com>:
[#41180] Re: IO.copy_stream creates files with restrictive permissions
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/11/21
>> I think documentation is the wrong answer. The security defects are not caused
[#41181] Re: IO.copy_stream creates files with restrictive permissions
— Tanaka Akira <akr@...>
2011/11/21
2011/11/22 KOSAKI Motohiro <kosaki.motohiro@gmail.com>:
[#41185] Re: IO.copy_stream creates files with restrictive permissions
— Clifford Heath <clifford.heath@...>
2011/11/22
On 22/11/2011, at 9:39 AM, Tanaka Akira wrote:
[#41196] Re: IO.copy_stream creates files with restrictive permissions
— Tanaka Akira <akr@...>
2011/11/22
2011/11/22 Clifford Heath <clifford.heath@gmail.com>:
[#41219] Re: IO.copy_stream creates files with restrictive permissions
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/11/22
>> The umask that almost every Unix distribution has always had in /etc/profile - which is 022.
[#40867] Question regarding Ruby 2.0 backwards compatibility — Martin Bo煬et <martin.bosslet@...>
If I recall it correctly, the goal for 2.0 was to stay API-compatible
3 messages
2011/11/09
[#40898] [ruby-trunk - Feature #5605][Open] [PATCH] net/http: use IO.copy_stream for requests using body_stream — Eric Wong <normalperson@...>
7 messages
2011/11/10
[#40908] [ruby-trunk - Feature #5607][Open] Inconsistent reaction in Range of String — Yen-Nan Lin <redmine@...>
15 messages
2011/11/10
[#40941] [ruby-trunk - Feature #5617][Open] Allow install RubyGems into dediceted directory — Vit Ondruch <v.ondruch@...>
22 messages
2011/11/11
[#40943] [ruby-trunk - Bug #5619][Open] Segfault on OS X — Otto Hilska <otto@...>
9 messages
2011/11/11
[#40951] [Backport93 - Backport #5621][Open] Please backport thread-safe autoloading patch — Mike Perham <mperham@...>
25 messages
2011/11/12
[#40971] [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Mike Perham <mperham@...>
2011/11/12
[#40972] Re: [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Yehuda Katz <wycats@...>
2011/11/12
Unfortunately ruby-head has a deadlock in one of my go-to scenarios for
[#40976] Re: [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Hiroshi Nakamura <nahi@...>
2011/11/13
-----BEGIN PGP SIGNED MESSAGE-----
[#41128] Re: [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Charles Oliver Nutter <headius@...>
2011/11/18
On Sat, Nov 12, 2011 at 7:24 PM, Hiroshi Nakamura <nahi@ruby-lang.org> wrote:
[#41129] Re: [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Hiroshi Nakamura <nahi@...>
2011/11/18
-----BEGIN PGP SIGNED MESSAGE-----
[#41142] Re: [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Charles Oliver Nutter <headius@...>
2011/11/18
On Fri, Nov 18, 2011 at 12:15 AM, Hiroshi Nakamura <nahi@ruby-lang.org> wrote:
[#41144] Re: [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Hiroshi Nakamura <nahi@...>
2011/11/18
(2011/11/19 6:31), Charles Oliver Nutter wrote:
[#41145] Re: [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Charles Oliver Nutter <headius@...>
2011/11/19
On Fri, Nov 18, 2011 at 5:24 PM, Hiroshi Nakamura <nahi@ruby-lang.org> wrote:
[#41173] Re: [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Hiroshi Nakamura <nahi@...>
2011/11/21
(2011/11/19 9:08), Charles Oliver Nutter wrote:
[#40977] Re: [Backport93 - Backport #5621] Please backport thread-safe autoloading patch
— Hiroshi Nakamura <nahi@...>
2011/11/13
-----BEGIN PGP SIGNED MESSAGE-----
[#40982] [ruby-trunk - Bug #5625][Open] Remove profanity and pejoratives — Andrew Grimm <andrew.j.grimm@...>
30 messages
2011/11/13
[#40993] [ruby-trunk - Bug #5625][Third Party's Issue] Remove profanity and pejoratives
— Aaron Patterson <aaron@...>
2011/11/13
[#40996] Re: [ruby-trunk - Bug #5625][Third Party's Issue] Remove profanity and pejoratives
— Andrew Grimm <andrew.j.grimm@...>
2011/11/13
I was not aiming to protect children from the f-word. My intention was
[#41004] [ruby-trunk - Feature #5628][Open] Module#basename — Thomas Sawyer <transfire@...>
18 messages
2011/11/14
[#41010] [ruby-trunk - Feature #5628] Module#basename
— Andrew Grimm <andrew.j.grimm@...>
2011/11/14
[#41024] [ruby-trunk - Feature #5632][Open] Attempt to open included class shades it instead. — Boris Stitnicky <boris@...>
12 messages
2011/11/14
[#41025] Proposal to add new methods: positive? negative? natural? — JosFrancisco Calvo Moreno <josefranciscocalvo@...>
Hi all!
11 messages
2011/11/14
[#41027] Re: Proposal to add new methods: positive? negative? natural?
— Jeremy Evans <code@...>
2011/11/14
On 11/15 12:58, Jos? Francisco Calvo Moreno wrote:
[#41031] Re: Proposal to add new methods: positive? negative? natural?
— JosFrancisco Calvo Moreno <josefranciscocalvo@...>
2011/11/14
Hi Jeremy,
[#41034] Re: Proposal to add new methods: positive? negative? natural?
— Chuck Remes <cremes.devlist@...>
2011/11/14
[#41036] Re: Proposal to add new methods: positive? negative? natural?
— JosFrancisco Calvo Moreno <josefranciscocalvo@...>
2011/11/14
Hi Chuck,
[#41037] Re: Proposal to add new methods: positive? negative? natural?
— Anurag Priyam <anurag08priyam@...>
2011/11/14
2011/11/14 JosFrancisco Calvo Moreno <josefranciscocalvo@gmail.com>:
[#41058] Re: Proposal to add new methods: positive? negative? natural?
— JosFrancisco Calvo Moreno <josefranciscocalvo@...>
2011/11/15
I don't have a deep understanding of ruby core base types but I want to
[#41064] Re: Proposal to add new methods: positive? negative? natural?
— "NARUSE, Yui" <naruse@...>
2011/11/15
On IEEE 754 Floating Point Numbers, there are positive 0.0 and negative 0.0.
[#41071] Re: Proposal to add new methods: positive? negative? natural?
— JosFrancisco Calvo Moreno <josefranciscocalvo@...>
2011/11/16
Do you suggest the following?
[#41038] [ruby-trunk - Bug #5634][Open] yield and binding — Thomas Sawyer <transfire@...>
17 messages
2011/11/14
[#50144] [ruby-trunk - Bug #5634] yield and binding
— "ko1 (Koichi Sasada)" <redmine@...>
2012/11/26
[#50210] [ruby-trunk - Bug #5634] yield and binding
— "ko1 (Koichi Sasada)" <redmine@...>
2012/11/27
[#41078] mkmf sets CFLAGS to contain flags that it shouldn't be setting — Nikolai Weibull <now@...>
Hi!
7 messages
2011/11/16
[#41091] Re: mkmf sets CFLAGS to contain flags that it shouldn't be setting
— Nobuyoshi Nakada <nobu@...>
2011/11/17
Hi,
[#41094] Re: mkmf sets CFLAGS to contain flags that it shouldn't be setting
— Nikolai Weibull <now@...>
2011/11/17
On Thu, Nov 17, 2011 at 07:24, Nobuyoshi Nakada <nobu@ruby-lang.org> wrote:
[#41107] Re: mkmf sets CFLAGS to contain flags that it shouldn't be setting
— Nobuyoshi Nakada <nobu@...>
2011/11/17
Hi,
[#41108] Re: mkmf sets CFLAGS to contain flags that it shouldn't be setting
— Nikolai Weibull <now@...>
2011/11/17
On Thu, Nov 17, 2011 at 14:46, Nobuyoshi Nakada <nobu@ruby-lang.org> wrote:
[#41079] Why doesn’t mkmf’s have_macro add a HAVE_X to $defs? — Nikolai Weibull <now@...>
Hi!
5 messages
2011/11/16
[#41092] Re: Why doesn’t mkmf’s have_macro add a HAVE_X to $defs?
— Nobuyoshi Nakada <nobu@...>
2011/11/17
Hi,
[#41086] [ruby-trunk - Feature #5644][Open] add Enumerable#exclude? antonym — Suraj Kurapati <sunaku@...>
14 messages
2011/11/17
[#41114] [Backport93 - Backport #5646][Open] Backport r33775 — Aaron Patterson <aaron@...>
9 messages
2011/11/17
[#41401] [Backport93 - Backport #5646][Closed] Backport r33775
— Aaron Patterson <aaron@...>
2011/11/30
[#41414] Re: [Backport93 - Backport #5646][Closed] Backport r33775
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/11/30
> Also, is there a script for doing backports? t looks like the commit messages are generated.
[#41420] Re: [Backport93 - Backport #5646][Closed] Backport r33775
— Aaron Patterson <tenderlove@...>
2011/12/01
On Thu, Dec 01, 2011 at 02:19:31AM +0900, KOSAKI Motohiro wrote:
[#41422] Re: [Backport93 - Backport #5646][Closed] Backport r33775
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/12/01
>> > Also, is there a script for doing backports? t looks like the commit messages are generated.
[#41116] Pathname['abc'] instead of Pathname('abc') global method as constructor alternative — "Alexander E. Fischer" <aef@...>
Hello,
3 messages
2011/11/17
[#41149] autoload will be dead — Yukihiro Matsumoto <matz@...>
Hi,
11 messages
2011/11/19
[#41150] Re: autoload will be dead
— Yehuda Katz <wycats@...>
2011/11/19
Does this also mean that we will not enhance const_missing to support
[#41160] [ruby-trunk - Bug #5650][Open] Add rb_enc_raise() to allow C extensions to raise errors with messages with correct encoding — Nikolai Weibull <now@...>
3 messages
2011/11/19
[#41161] conflict between 1.8.7 and 1.9.3 installations — Joel VanderWerf <joelvanderwerf@...>
6 messages
2011/11/19
[#41162] Re: conflict between 1.8.7 and 1.9.3 installations
— Nobuyoshi Nakada <nobu@...>
2011/11/20
Hi,
[#41164] Re: conflict between 1.8.7 and 1.9.3 installations
— Joel VanderWerf <joelvanderwerf@...>
2011/11/20
On 11/19/2011 04:55 PM, Nobuyoshi Nakada wrote:
[#41171] [ruby-trunk - Feature #5653] "I strongly discourage the use of autoload in any standard libraries" (Re: autoload will be dead) — Hiroshi Nakamura <nakahiro@...>
3 messages
2011/11/21
[#41175] [ruby-trunk - Feature #5654][Open] Introduce global lock to avoid concurrent require — Hiroshi Nakamura <nakahiro@...>
12 messages
2011/11/21
[#41186] [ruby-trunk - Bug #5657][Open] Constants in included modules aren't visible when defining classes with Class.new — Gary Bernhardt <gary.bernhardt@...>
5 messages
2011/11/22
[#41211] Availability of ruby/intern.h — Aaron Patterson <tenderlove@...>
Are functions accessible via ruby/intern.h considered to be "public"
4 messages
2011/11/22
[#41212] [ruby-trunk - Feature #5662][Open] inject-accumulate, or Haskell's mapAccum* — Edvard Majakari <edvard.majakari@...>
12 messages
2011/11/22
[#41213] [ruby-trunk - Bug #5663][Open] Combined map/select method — Yehuda Katz <wycats@...>
62 messages
2011/11/22
[#41294] [ruby-trunk - Feature #5663] Combined map/select method
— Nobuyoshi Nakada <nobu@...>
2011/11/25
[#45334] [ruby-trunk - Feature #5663] Combined map/select method
— "alexeymuranov (Alexey Muranov)" <redmine@...>
2012/05/31
[#41217] [ruby-trunk - Bug #5663] Combined map/select method
— Rodrigo Rosenfeld Rosas <rr.rosas@...>
2011/11/22
[#41391] [ruby-trunk - Feature #5663] Combined map/select method
— Rodrigo Rosenfeld Rosas <rr.rosas@...>
2011/11/29
[#41256] [ruby-trunk - Feature #2567] Net::HTTP does not handle encoding correctly — Yui NARUSE <naruse@...>
3 messages
2011/11/23
[#41262] [ruby-trunk - Feature #5666][Open] Make rb_path2class public — Aaron Patterson <aaron@...>
6 messages
2011/11/23
[#41302] [ruby-trunk - Feature #5673][Open] undef_method probably doesn't need to raise an error — Thomas Sawyer <transfire@...>
8 messages
2011/11/26
[#41314] [ruby-trunk - Bug #5675][Open] [mingw] static build fails due to socket extension build failure — Jon Forums <redmine@...>
7 messages
2011/11/26
[#41324] Re: [ruby-trunk - Bug #5675][Open] [mingw] static build fails due to socket extension build failure
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/11/27
> compiling ../../../ext/socket/socket.c
[#41330] Re: [ruby-trunk - Bug #5675][Open] [mingw] static build fails due to socket extension build failure
— Luis Lavena <luislavena@...>
2011/11/27
On Sun, Nov 27, 2011 at 4:11 AM, KOSAKI Motohiro
[#41332] Re: [ruby-trunk - Bug #5675][Open] [mingw] static build fails due to socket extension build failure
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/11/27
2011/11/27 Luis Lavena <luislavena@gmail.com>:
[#41321] [Proposal] C API arrangement — Yugui <yugui@...>
Hi, mame-san
4 messages
2011/11/27
[#41336] Wrong encoding of Symbol — Andriy Tyurnikov <andriy.tyurnikov@...>
By default Symbols are encoded as US-ASCII,
10 messages
2011/11/27
[#41344] Re: Wrong encoding of Symbol
— Nobuyoshi Nakada <nobu@...>
2011/11/28
Hi,
[#41349] Re: Wrong encoding of Symbol
— Yukihiro Matsumoto <matz@...>
2011/11/28
Hi,
[#41353] Re: Wrong encoding of Symbol
— "Michel Demazure" <michel@...>
2011/11/28
Matz wrote :
[#41338] [ruby-trunk - Feature #5677][Open] IO C API — Martin Bosslet <Martin.Bosslet@...>
13 messages
2011/11/27
[#41340] [ruby-trunk - Feature #5678][Open] StringIO#to_str — Martin Bosslet <Martin.Bosslet@...>
8 messages
2011/11/28
[#41351] [ruby-trunk - Bug #5679][Open] Too many arguments for format warnings on mingw32 build — Heesob Park <phasis@...>
5 messages
2011/11/28
[#41368] Re: [ruby-trunk - Bug #5679][Open] Too many arguments for format warnings on mingw32 build
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/11/28
> I can see the following warnings during mingw32 build.
[#41370] [ruby-trunk - Bug #5681][Open] Conflcting types for rb_w32_inet_ntop caused by duplicate definition under MinGW — Luis Lavena <luislavena@...>
7 messages
2011/11/28
[#41373] Re: [ruby-trunk - Bug #5681][Open] Conflcting types for rb_w32_inet_ntop caused by duplicate definition under MinGW
— KOSAKI Motohiro <kosaki.motohiro@...>
2011/11/28
2011/11/28 Luis Lavena <luislavena@gmail.com>:
[#41404] [ruby-trunk - Bug #5690][Open] Module#qualified_const_get — Yehuda Katz <wycats@...>
31 messages
2011/11/30
[#41406] Re: [ruby-trunk - Bug #5690][Open] Module#qualified_const_get
— Yukihiro Matsumoto <matz@...>
2011/11/30
Hi,
[#46001] [ruby-trunk - Bug #5690] Module#qualified_const_get
— "marcandre (Marc-Andre Lafortune)" <ruby-core@...>
2012/06/30
[#46645] [ruby-trunk - Feature #5690] Module#qualified_const_get
— "mame (Yusuke Endoh)" <mame@...>
2012/07/23
[ruby-core:41168] Re: IO.copy_stream creates files with restrictive permissions
From:
Clifford Heath <clifford.heath@...>
Date:
2011-11-20 06:34:37 UTC
List:
ruby-core #41168
On 20/11/2011, at 5:09 PM, KOSAKI Motohiro wrote: >>> I noticed when a file name argument is passed to the IO.copy_stream, the >>> newly-created destination file has 0600 perms and is not respecting my >>> normal umask (0022). >> >> Sometimes the convention, 0666 by default, causes security problem: >> It causes world writable files if users forget to set correct umask. >> >> There are various umask related security problem: >> CVE-1999-1572, CVE-2001-1322, CVE-2005-1841, CVE-2006-1587, >> CVE-2006-3589, CVE-2007-6249 >> >> So I didn't use 0666. >> >> 0600 may be too restrictive but you can use File.chmod to relax it. > > If you don't follow normal convention intentionally, is there any > reason to don't write a documentation explicitly? I think documentation is the wrong answer. The security defects are not caused by programs using mode 0666 - which they should do by default - but by the user having set their umask incorrectly. Ruby should not attempt to prevent this user error. There are situations where it's legal to create a file, but because of setuid mode on the directory, it's not possible for the program to chmod the new file. This problem can only be avoided by using the correct mode at creation. If you feel that Ruby *must* do something to address the umask problem, then please consider whether Ruby should save the startup umask into a global constant before changing for a more restrictive setting. This allows the programmer to set umask back and avoid the "nanny state" setting. Still, I don't favour this anyway. To attempt to prevent programmers from creating insecure programs by restricting functionality is a hopeless quest. Clifford Heath.