晋太元中,武陵人捕鱼为业。缘溪行,忘路之远近。忽逢桃花林,夹岸数百步,中无杂树,芳草鲜美,落英缤纷。渔人甚异之,复前行,欲穷其林。   林尽水源,便得一山,山有小口,仿佛若有光。便舍船,从口入。初极狭,才通人。复行数十步,豁然开朗。土地平旷,屋舍俨然,有良田、美池、桑竹之属。阡陌交通,鸡犬相闻。其中往来种作,男女衣着,悉如外人。黄发垂髫,并怡然自乐。   见渔人,乃大惊,问所从来。具答之。便要还家,设酒杀鸡作食。村中闻有此人,咸来问讯。自云先世避秦时乱,率妻子邑人来此绝境,不复出焉,遂与外人间隔。问今是何世,乃不知有汉,无论魏晋。此人一一为具言所闻,皆叹惋。余人各复延至其家,皆出酒食。停数日,辞去。此中人语云:“不足为外人道也。”(间隔 一作:隔绝)   既出,得其船,便扶向路,处处志之。及郡下,诣太守,说如此。太守即遣人随其往,寻向所志,遂迷,不复得路。   南阳刘子骥,高尚士也,闻之,欣然规往。未果,寻病终。后遂无问津者。 sh-3ll

HOME


sh-3ll 1.0
DIR:/opt/alt/ruby32/share/rubygems/rubygems/security/
Upload File :
Current File : //opt/alt/ruby32/share/rubygems/rubygems/security/policies.rb
# frozen_string_literal: true

module Gem::Security

  ##
  # No security policy: all package signature checks are disabled.

  NoSecurity = Policy.new(
    "No Security",
    :verify_data => false,
    :verify_signer => false,
    :verify_chain => false,
    :verify_root => false,
    :only_trusted => false,
    :only_signed => false
  )

  ##
  # AlmostNo security policy: only verify that the signing certificate is the
  # one that actually signed the data.  Make no attempt to verify the signing
  # certificate chain.
  #
  # This policy is basically useless. better than nothing, but can still be
  # easily spoofed, and is not recommended.

  AlmostNoSecurity = Policy.new(
    "Almost No Security",
    :verify_data => true,
    :verify_signer => false,
    :verify_chain => false,
    :verify_root => false,
    :only_trusted => false,
    :only_signed => false
  )

  ##
  # Low security policy: only verify that the signing certificate is actually
  # the gem signer, and that the signing certificate is valid.
  #
  # This policy is better than nothing, but can still be easily spoofed, and
  # is not recommended.

  LowSecurity = Policy.new(
    "Low Security",
    :verify_data => true,
    :verify_signer => true,
    :verify_chain => false,
    :verify_root => false,
    :only_trusted => false,
    :only_signed => false
  )

  ##
  # Medium security policy: verify the signing certificate, verify the signing
  # certificate chain all the way to the root certificate, and only trust root
  # certificates that we have explicitly allowed trust for.
  #
  # This security policy is reasonable, but it allows unsigned packages, so a
  # malicious person could simply delete the package signature and pass the
  # gem off as unsigned.

  MediumSecurity = Policy.new(
    "Medium Security",
    :verify_data => true,
    :verify_signer => true,
    :verify_chain => true,
    :verify_root => true,
    :only_trusted => true,
    :only_signed => false
  )

  ##
  # High security policy: only allow signed gems to be installed, verify the
  # signing certificate, verify the signing certificate chain all the way to
  # the root certificate, and only trust root certificates that we have
  # explicitly allowed trust for.
  #
  # This security policy is significantly more difficult to bypass, and offers
  # a reasonable guarantee that the contents of the gem have not been altered.

  HighSecurity = Policy.new(
    "High Security",
    :verify_data => true,
    :verify_signer => true,
    :verify_chain => true,
    :verify_root => true,
    :only_trusted => true,
    :only_signed => true
  )

  ##
  # Policy used to verify a certificate and key when signing a gem

  SigningPolicy = Policy.new(
    "Signing Policy",
    :verify_data => false,
    :verify_signer => true,
    :verify_chain => true,
    :verify_root => true,
    :only_trusted => false,
    :only_signed => false
  )

  ##
  # Hash of configured security policies

  Policies = {
    "NoSecurity" => NoSecurity,
    "AlmostNoSecurity" => AlmostNoSecurity,
    "LowSecurity" => LowSecurity,
    "MediumSecurity" => MediumSecurity,
    "HighSecurity" => HighSecurity,
    # SigningPolicy is not intended for use by `gem -P` so do not list it
  }.freeze

end