[MacRuby-devel] MacRuby with Subprocesses

Perry E. Metzger perry at piermont.com
Wed Nov 3 10:53:21 PDT 2010


On Wed, 3 Nov 2010 13:46:24 -0400 Louis-Philippe
<default at spiralix.org> wrote:
> Totally agree Rob...  but right now it seems it does segfault on
> occasions and I think some serious bugs affecting functionalities
> and RubySpecs are still in the bugbase and I wouldn't like to
> dissolve those priorities with more exception handling error... I
> may not understand how important this segfault may be, so if you
> think its really worth it I'll let you file it.
> 
> 2010/11/3 Rob Gleeson <rob at flowof.info>
> 
> > I think you should still file a bug report -- MacRuby should
> > never ever segfault :)

Segfaults are *always* something that should be treated as
very high priority. Why? Because they indicate potential mechanisms
for exploitable security bugs. Any time you can make a runtime dump
core, you've probably hit on a path that can be used for shellcode.

You can never really know when someone might use a MacRuby based app
to view malicious content. It is almost impossible to predict in
advance what sorts of APIs such a system might use. Therefore, such
flaws have to be taken quite seriously.

Perry
-- 
Perry E. Metzger		perry at piermont.com


More information about the MacRuby-devel mailing list