In large programs, especially when heavy abstraction is involved, it's sometimes impossible to tell where your data is coming from. Consider the following situation: a server application takes user input from a client and does some processing. It then offloads some of this processing (for example, resizing an image file) to an external program using the backtick operator. The command passed to the operating system is partly made up of input from the client, which cannot be trusted: a client-supplied filename such as "photo.png; rm -rf /" is spliced straight into the command line and the shell will happily run the second command.
This is a classic command injection risk, and the problem is that by the time the string reaches the backtick operator, nothing in the code says where it originally came from.
"Tainted" objects are those that have come from some type of user input: whether from a file, the keyboard or the network, unless an object is a literal in the program or was created by the program directly, it will be tainted. The taint flag travels with the object; all you have to do is check it with tainted? before you do anything unsafe, such as passing it to the backtick operator, system or eval. Once you have confirmed (by validating or escaping it) that the data is indeed safe, you can untaint the object. Note that taint tracking belongs to older Ruby: taint, tainted? and untaint were deprecated in Ruby 2.7 and removed in Ruby 3.2, so on current interpreters you have to carry out the same "validate at the boundary, then trust" discipline yourself.
In addition, any object created from or derived from a tainted object will also be marked tainted. So, if you do a = gets.chomp, a will be tainted, and if you then do b = a.reverse, b will also be tainted.
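The following is an added example, not code from the original post. Because the built-in taint flag no longer exists in current Ruby, it re-creates the rules described above in a small wrapper class (Untrusted, a name chosen here) and then walks through the image-resizing scenario: the client filename starts tainted, values derived from it stay tainted, validation against an assumed filename policy (SAFE_FILENAME, a hypothetical regexp) is the only way to untaint it, and the command builder refuses tainted input. The convert command and the filename_from_client helper are assumptions for illustration; nothing is actually executed.

```ruby
require 'shellwords'

# Stand-in for Ruby's built-in taint flag (Object#taint, #tainted?, #untaint),
# which was deprecated in Ruby 2.7 and removed in 3.2. Same rules: data from the
# outside world starts tainted, anything derived from it stays tainted, and only
# an explicit validation step may clear the flag.
class Untrusted
  attr_reader :value

  def initialize(value, tainted: true)
    @value = value.to_s
    @tainted = tainted
  end

  def tainted?
    @tainted
  end

  # Derived values inherit the flag, like b = a.reverse in the text.
  %i[reverse downcase strip].each do |name|
    define_method(name) { Untrusted.new(@value.public_send(name), tainted: @tainted) }
  end

  # Concatenating with anything tainted yields a tainted result.
  def +(other)
    other_tainted = other.is_a?(Untrusted) && other.tainted?
    Untrusted.new(@value + other.to_s, tainted: @tainted || other_tainted)
  end

  # Untainting is only possible through a validation block that returns true.
  def untaint_if
    @tainted = false if yield(@value)
    self
  end

  def to_s
    @value
  end
end

# Hypothetical server-side helper: models a filename read from the client.
def filename_from_client(raw)
  Untrusted.new(raw)   # everything that arrives over the network starts tainted
end

# Assumed policy: plain filenames only, no spaces, slashes or shell metacharacters.
SAFE_FILENAME = /\A[A-Za-z0-9_.-]+\z/

# Validate, then untaint. Anything a shell could interpret stays tainted.
def validate_filename(name)
  name.untaint_if { |v| v.match?(SAFE_FILENAME) && !v.start_with?('.') }
end

# The unsafe step from the text: building a command line for the backtick
# operator. Refuses to proceed while the input is still tainted, and escapes
# the (already validated) name as defence in depth.
def resize_command(name)
  raise SecurityError, "tainted input reached shell command: #{name}" if name.tainted?
  "convert #{Shellwords.escape(name.to_s)} -resize 50% #{Shellwords.escape("thumb_#{name}")}"
end

# Safer alternative that never touches a shell: an argv array for system or
# Process.spawn, so no shell parsing of the filename ever happens.
def resize_argv(name)
  raise SecurityError, "tainted input reached shell command: #{name}" if name.tainted?
  ['convert', name.to_s, '-resize', '50%', "thumb_#{name}"]
end

if __FILE__ == $0
  good = validate_filename(filename_from_client('photo.png'))
  puts resize_command(good)

  evil = validate_filename(filename_from_client('photo.png; rm -rf /'))
  begin
    resize_command(evil)
  rescue SecurityError => e
    puts "blocked: #{e.message}"
  end
end
```

The important design point is that untaint_if is the only path that clears the flag, so every place that trusts the data can be found by searching for it, which is exactly what the built-in flag gave you for free.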