From b5e8e33ddc880c98c30a1abe644c6af2e57b5496 Mon Sep 17 00:00:00 2001
From: charliesome <charliesome@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Sat, 27 Apr 2013 14:54:37 +0000
Subject: * lib/yaml.rb: add security warning to YAML documentation

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40500 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 lib/yaml.rb | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lib')

diff --git a/lib/yaml.rb b/lib/yaml.rb
index 76657cdd0b..f2177accbd 100644
--- a/lib/yaml.rb
+++ b/lib/yaml.rb
@@ -73,6 +73,10 @@ end
 #     YAML.dump("foo")     # => "--- foo\n...\n"
 #     { :a => 'b'}.to_yaml  # => "---\n:a: b\n"
 #
+# Do not use YAML to load untrusted data. Doing so is unsafe and could allow
+# malicious input to execute arbitrary code inside your application. Please see
+# doc/security.rdoc for more information.
+#
 # For more advanced details on the implementation see Psych, and also check out
 # yaml.org for spec details and other helpful information.
 module YAML; end
-- 
cgit v1.2.3