This method removes a file system entry path. path shall be a regular file, a directory, or something. If path is a directory, remove it recursively. This method is required to avoid TOCTTOU (time-of-check-to-time-of-use) local security vulnerability of rm_r. rm_r causes security hole when:
* Parent directory is world writable (including /tmp). * Removing directory tree includes world writable directory. * The system has symbolic link.
To avoid this security hole, this method applies special preprocess. If path is a directory, this method chown(2) and chmod(2) all removing directories. This requires the current process is the owner of the removing whole directory tree, or is the super user (root).
WARNING: You must ensure that ALL parent directories cannot be moved by other untrusted users. For example, parent directories should not be owned by untrusted users, and should not be world writable except when the sticky bit set.
WARNING: Only the owner of the removing directory tree, or Unix super user (root) should invoke this method. Otherwise this method does not work.
For details of this security vulnerability, see Perl’s case:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452
For fileutils.rb, this vulnerability is reported in [ruby-dev:26100].
This method removes a file system entry path. path shall be a regular file, a directory, or something. If path is a directory, remove it recursively. This method is required to avoid TOCTTOU (time-of-check-to-time-of-use) local security vulnerability of rm_r. rm_r causes security hole when:
* Parent directory is world writable (including /tmp). * Removing directory tree includes world writable directory. * The system has symbolic link.
To avoid this security hole, this method applies special preprocess. If path is a directory, this method chown(2) and chmod(2) all removing directories. This requires the current process is the owner of the removing whole directory tree, or is the super user (root).
WARNING: You must ensure that ALL parent directories cannot be moved by other untrusted users. For example, parent directories should not be owned by untrusted users, and should not be world writable except when the sticky bit set.
WARNING: Only the owner of the removing directory tree, or Unix super user (root) should invoke this method. Otherwise this method does not work.
For details of this security vulnerability, see Perl’s case:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452
For fileutils.rb, this vulnerability is reported in [ruby-dev:26100].
Decode URL-encoded form data from given str.
This decodes application/x-www-form-urlencoded data and returns array of key-value array.
This refers url.spec.whatwg.org/#concept-urlencoded-parser , so this supports only &-separator, don’t support ;-separator.
ary = URI.decode_www_form("a=1&a=2&b=3") p ary #=> [['a', '1'], ['a', '2'], ['b', '3']] p ary.assoc('a').last #=> '1' p ary.assoc('b').last #=> '3' p ary.rassoc('a').last #=> '2' p Hash[ary] # => {"a"=>"2", "b"=>"3"}
Returns a list of paths matching glob from the latest gems that can be used by a gem to pick up features from other gems. For example:
Gem.find_latest_files('rdoc/discover').each do |path| load path end
if check_load_path is true (the default), then find_latest_files also searches $LOAD_PATH for files as well as gems.
Unlike find_files, find_latest_files will return only files from the latest version of a gem.
Register a Gem::Specification for default gem.
Two formats for the specification are supported:
MRI 2.0 style, where spec.files contains unprefixed require names. The spec’s filenames will be registered as-is.
New style, where spec.files contains files prefixed with paths from spec.require_paths. The prefixes are stripped before registering the spec’s filenames. Unprefixed files are omitted.
Paths where RubyGems’ .rb files and bin files are installed
Deduce Ruby’s –program-prefix and –program-suffix from its install name
The default signing key path
The default signing certificate chain path
Should be implemented by a extended class.
tsort_each_node is used to iterate for all nodes over a graph.
Attempts to activate the current {#possibility} @return [void]
See the OpenSSL documentation for EC_GROUP_get_cofactor()
Is this tar entry a directory?
@return [String] a string suitable for debugging
Iterates the given block for each element with an arbitrary object, obj, and returns obj
If no block is given, returns a new Enumerator.
to_three = Enumerator.new do |y| 3.times do |x| y << x end end to_three_with_string = to_three.with_object("foo") to_three_with_string.each do |x,string| puts "#{string}: #{x}" end # => foo:0 # => foo:1 # => foo:2
DO NOT USE THIS DIRECTLY.
Hook method to return whether the obj can respond to id method or not.
When the method name parameter is given as a string, the string is converted to a symbol.
See respond_to?, and the example of BasicObject.
Returns true if ios will be closed on exec.
f = open("/dev/null") f.close_on_exec? #=> false f.close_on_exec = true f.close_on_exec? #=> true f.close_on_exec = false f.close_on_exec? #=> false
Sets a close-on-exec flag.
f = open("/dev/null") f.close_on_exec = true system("cat", "/proc/self/fd/#{f.fileno}") # cat: /proc/self/fd/3: No such file or directory f.closed? #=> false
Ruby sets close-on-exec flags of all file descriptors by default since Ruby 2.0.0. So you don’t need to set by yourself. Also, unsetting a close-on-exec flag can cause file descriptor leak if another thread use fork() and exec() (via system() method for example). If you really needs file descriptor inheritance to child process, use spawn()‘s argument such as fd=>fd.
Returns a relative path from the given base_directory to the receiver.
If self is absolute, then base_directory must be absolute too.
If self is relative, then base_directory must be relative too.
This method doesn’t access the filesystem. It assumes no symlinks.
ArgumentError is raised when it cannot find a relative path.
creates a UNIX server socket on path
If no block given, it returns a listening socket.
If a block is given, it is called with the socket and the block value is returned. When the block exits, the socket is closed and the socket file is removed.
socket = Socket.unix_server_socket("/tmp/s") p socket #=> #<Socket:fd 3> p socket.local_address #=> #<Addrinfo: /tmp/s SOCK_STREAM> Socket.unix_server_socket("/tmp/sock") {|s| p s #=> #<Socket:fd 3> p s.local_address #=> # #<Addrinfo: /tmp/sock SOCK_STREAM> }