Covered In This Episode:
- Running Other Programs
- Safe Levels
Hello Everybody and welcome to Programming With Ruby Episode 17,
Getting Advanced. I’m Tyler, and this video is brought to you by
By now, you know a large amount about Ruby, so in this episode we will
be going over some advanced features that Ruby has.
More specifically I will be teaching you what Symbols are, and when to
use them. I will be showing you how to use eval, and how to use
bindings with eval. You will learn how to run other programs from
Ruby. Finally I will show you what safe levels are.
Let's get started!
Symbols are a type of value that is very much like a string, but
more lightweight. Symbols look like this:
Symbols can’t be manipulated like strings can, which seems like a huge
drawback, but they do have a couple of benefits.
Each time you use a string, say to access a hash, Ruby creates a new
instance of that string, whereas a symbol is only ever instantiated
once. This means that symbols will take up less memory than strings
will if you are, say, accessing a hash many times.
Symbols are also slightly easier to type since the colon is on the
home row on US keyboards.
eval is a way of running Ruby code that is contained in a string. For
example, let's say you have a string that looks like this:
"puts 'Hello World'"
It is just a simple string, so it does nothing. But, if you use the
method eval on that string it will execute the code inside. So this
will print Hello World! on to the screen:
eval "puts 'Hello World!'"
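This isn’t always useful, but you can use it if you want your users to
be able to enter Ruby code into your program. Keep in mind that eval
runs whatever the string contains, with everything your program is
allowed to do.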
You can also pass bindings to eval. So if we had this method:
def my_method my_binding
  eval "puts x", my_binding
end

x = 5
my_method binding
Some of you may notice that the variable x isn’t defined in the method
my_method. By using the binding method, we can make variable scopes portable!
Running Other Programs
There comes a time when you will want to be able to run a program from
Ruby, maybe you want to automate something, or simply get the output
from an external program.
There are a few ways of doing this.
The first is with the method exec, which runs an external program
and quits the Ruby script at the same time:
exec('ls') # dir on windows
# Program never gets here
There is also system, which does the same thing, but doesn’t quit the
Ruby script, and returns true or false depending on whether the
program was successful:
system('ls') # dir on windows
# we do get this far
Finally we have the “back-tick” `, which looks like a sideways single
quote. On my keyboard it is above the tab key. You surround your
command in the back-ticks, like you would for a string. Unlike the
other two methods of running a program, this method also returns the
output of the program you run.
variable = `ls`
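An added example, not from the original episode: it compares the single-string form of running a command, which Ruby passes through the shell when the string contains shell syntax, with the argument-list form, which never involves a shell. It assumes a Unix-like system with echo, true and false available; the sample input and the helper names are made up for illustration.

```ruby
require 'open3'

# Constructed sample input: a "file name" that also contains shell syntax.
UNTRUSTED = "notes.txt; echo INJECTED"

# Single-string form: the interpolated line goes to the shell, so the
# ';' inside the input starts a second command.
def via_shell_string(name)
  `echo #{name}`
end

# Argument-list form: each element becomes exactly one argument of the
# program and no shell parses it, so the input stays literal text.
def via_argv(name)
  out, status = Open3.capture2('echo', name)
  [out, status.success?]
end

# system reports the outcome as true or false, and as nil when the
# program could not be started at all.
def system_results
  [
    system('true'),                    # exit status 0
    system('false'),                   # non-zero exit status
    system('no-such-program-example')  # hypothetical name, does not exist
  ]
end

if __FILE__ == $PROGRAM_NAME
  puts via_shell_string(UNTRUSTED)  # two lines: the second command ran
  p via_argv(UNTRUSTED)             # one line: the input was only printed
  p system_results
end
```

system and exec accept the same argument-list form, for example system('ls', directory), which is the form to use whenever part of the command comes from a user.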
If you are running a Ruby interpreter online, or in another
environment where users can enter and run Ruby code, they hold the
ability to wreak havoc on your system.
The way to prevent this from happening is by using safe levels. Safe
levels are a way of preventing the user from getting access to the
file system, or changing any variables that the program has.
You set safe levels by setting the $SAFE variable. By default it is
set to zero.
$SAFE = 4
Ruby “taints” objects that could be dangerous.
There are five different safe levels.
0 => The default, you can do anything
1 => Can’t use environment variables, eval, load, require, and more.
2 => Same as above and also can’t use files
3 => All objects created are tainted, can’t be untainted
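4 => You can do almost nothing… Can’t modify the untainted, can’t
use exit. Basically completely safe and sand-boxed.
These levels describe older versions of Ruby: level 4 was removed in
Ruby 2.1, levels 2 and 3 in Ruby 2.3, and since Ruby 3.0 $SAFE is an
ordinary global variable that restricts nothing.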
That brings us to the end of the episode. If you liked these videos,
please donate. It costs me in both money and time to make them.
If you have any questions, comments, or suggestions please don’t
hesitate to leave a comment on this page or email me at
Thanks for watching, goodbye!