[Rubygems-developers] Executing code after installing gem
cfis at savagexi.com
Tue Nov 25 11:28:36 EST 2008
> RubyGems is not designed for arbitrary code execution, which will be a
> security concern.
Except it already does by letting a developer specify a Rakefile in
spec.extensions. That's how I hacked around RubyGems to correctly
install dependent dlls into the lib directory.
Not to mention the fact that once I have my gem installed, it can pretty
much do what it wants.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3237 bytes
Desc: S/MIME Cryptographic Signature
More information about the Rubygems-developers