e$B1J0f!wCNG=!%6e9)Bg$G$9!%e(B
e$BI8Bj$N7o$K$D$$$F$G$9$+!$$I$3$+$K$^$H$a$i$l$?>pJs$H$+$O$J$$$G$7$g$&$+!)e(B
e$B$H$j$"$($:8=>u$G!$e(Brb_str_intern e$B$N;EMMJQ99$Ge(B
SecurityError e$B$r=P$9$h$&$K$J$C$F:$$C$F$^$9!%e(B
e$BB>$K$b;EMMJQ99$,$"$k$J$i$=$l$K9g$o$;$?BP:v$,I,MW$K$J$j$=$&$G$9$N$G!$e(B
e$B>pJse(B (e$B!VL$@0M}$GITL@!W$H$$$&>pJs$r4^$`e(B)
e$B$r8fB8CN$NJ}$,$"$j$^$7$?$ie(B
e$B65$($F$$$?$@$1$J$$$G$7$g$&$+!%e(B
rb_str_intern e$B$N;EMMJQ99$N7o$O!$e(B
1.8 e$B$K$OB8:_$7$?e(B !rb_sym_interned_p(str)
e$B$N%A%’%C%/$,>C$($?$?$a!$e(B
e$BEO$5$l$?J8;zNs$r%A%’%C%/$7$Fe(B send
e$B$GAw$k$h$&$K$7$F$$$?$b$N$,e(B
e$BF0$+$J$/$J$C$?e(B (Insecure: can’t intern tainted string)
e$B$H$$$&$b$N$G$9!%e(B
e$B$3$N;EMMJQ99$OI,MW$J$b$N$@$C$?$N$G$7$g$&$+!)e(B
symbol e$B$,e(B GC e$B$5$l$J$$$?$a$KEPO?$5$l$ke(B symbol e$B$NNL$re(B
e$BGzH/$5$;$J$$$?$a$H$$$&$N$J$iM}2r$G$-$b$9$k$N$G$9$,!$e(B
rb_sym_interned_p e$B$O$9$G$KB8:_$9$k$b$N$K$D$$$F$Oe(B OK
e$B$H$$$&$3$H$Ge(B
e$BG{$j$rF~$l$F$$$k$o$1$G$9$N$G!$EPO?e(B symbol
e$BNL$OA}$($^$;$s$h$M!)e(B
e$B$=$l$K!$e(B
s = ‘foo’.taint; Thread.new{$SAFE=4; eval “:#{s}”}.value
e$B$H$+e(B
Thread.new{$SAFE=4; s = ‘foo’; eval “:#{s}” if s.tainted?}.value
e$B$H$+$OLdBj$J$/<B9T$G$-$F!$$"$C$5$j$He(B symbol
e$B$r@8@.$7$F$7$^$&$N$Ge(B
e$B;EMMJQ99$NM}M3$,$h$/J,$+$i$J$$$G$9!%e(B
e$B$=$l$H$b!$C1$K;d$,%;%-%e%j%F%#$NLdBj$rM}2r$G$-$F$$$J$$$@$1$G!$e(B
e$B%;%-%e%j%F%#%[!<%k$K$J$j$&$k$h$&$JJL$N%1!<%9$,B8:_$9$k$N$G$7$g$&$+!)e(B