RubyFlow The Ruby and Rails community linklog

Afraid of the big nasty gem?

by gravis

A malicious gem could do pretty much everything on the environment that runs its code, from stealing critical data to taking control over the entire operating system. It may only take minutes for the malicious software to access poorly protected files or to exploit its way up, from running as restricted user to escalating to a privileged user. Read More

Comments

Thank you for posting a great article about Gem Security. :)

xiruki

The title made me think this would be an article about active_support ;)

shanna

I really hope active_support is safe ;)

gravis

Post a comment

You can use basic HTML markup (e.g. <a>) or Markdown.

As you are not logged in, you will be
directed via GitHub to signup or sign in