3 postgresql-plruby-0.5.7-1.fc30.src.rpm
Build fails: https://koji.fedoraproject.org/koji/taskinfo?taskID=32181377
Succeeds for rawhide (ruby2.5) https://koji.fedoraproject.org/koji/taskinfo?taskID=32181375
+ ruby extconf.rb --vendor --with-safe-level=1 --with-pg-config=/usr/bin/pg_server_config
...
...
BUILDSTDERR: extconf.rb:175:in `directory?': Insecure operation - directory? (SecurityError)
Perhaps related to ruby changes with regard to security model.
This is interesting issue. It fails at this line:
https://github.com/devrimgunduz/postgresql-plruby/blame/master/extconf.rb#L170
Similar reproducer IMO could be:
~~~
$ ruby -e '$SAFE=1; Dir.foreach(".") {|d| File.directory?(d)}'
~~~
This fails on Ruby 2.5 as well as Ruby 2.6, what is somehow expected given that the `d` is tainted. However, how comes that it passes in the extconf.rb for Ruby 2.5?
IOW the workarond/fix could be as simple as `dir.untaint` but it does not explain why it worked and does not work anymore :/ Thoughts?
Vít