On Sunday 03 August 2008 12:47:30 Tim H. wrote:
> Because gem install runs as root, allowing arbitrary code to run during
> install is considered a security risk.
Even if it’s trusted, it starts to defeat the purpose of a package
See, anything I can “gem install”, I can, with confidence, “gem
About the only thing missing for me at this point is reverse
but it’s reasonably easy for me to nuke all gems on my system. With the
Ubuntu-ized Rubygems, even easier – I can just blow away
and start over.
If a gem could run arbitrary code during installation, that would mean I
have no way, short of analyzing the source code, to know what it
or how to clean up after it when I decide I don’t like it after all.
Now, of course, you can always misbehave with the actual binary, because
is running arbitrary code. But forcing you to do it that way hopefully
discourages you from messing with my system – after all, I might not be
running that command as root.
So it’s not just a security risk – it’s a cruft risk, as well.