Product SiteDocumentation Site

2.1.2. Object.untrusted?

At higher safe levels (see safe level 4 below) any code is automatically untrusted and interpreter prevents execution of untrusted code on trusted objects. In Ruby 1.8, taint flag is also used to mark objects as untrusted, so untrusted code is not allowed to modify untainted objects. In addition, any object created by untrusted code is tainted. This effectively allows to sandbox an untrusted code, which will not be allowed to modify "trusted" objects.
Mixing taint and trust of object has serious drawback - untrusted code is allowed to modify all tainted objects (even if they come from trusted code).
Ruby 1.9 adds another flag to each object to mark it as untrusted. Untrusted code is now allowed only to modify untrusted objects (ignoring taint flag), and objects created by untrusted code are automatically marked as untrusted and tainted. To check and modify trust flag use methods Object.untrusted?, Object.untrust and Object.trust.
However, Ruby 2.1 deprecates trust flag and the behaviour of above methods is the same as Object.tainted?, Object.taint and Object.untaint. This change comes together with removal of safe level 4, which makes trust flag useless (see issue on ruby-lang or read below).