ModelBecomesTaintedOnTransaction

Hi All,

I noticed that my model class becomes tainted after referencing a
different table in find_by_sql and using a transaction. Both the User
model and the Profile model will become tainted; however, all other
tables will stay untainted.

If either condition 1 or condition 2 is commented out, the model will
not be tainted. After the model is tainted, all derived objects
will be tainted too, thus the last call will fail with a SecurityError
(because the safe level will be turned to 4 on call if the method is
tainted).

Please, anybody, tell me why this happens???!!!

module ModelBecomesTaintedOnTransaction_Why__ShortUncommentedTestVersion
  def self.test
    class << ActiveRecord::Base
      alias find_by_sql__WRAPPED find_by_sql

      def find_by_sql(*args, &block)
        result = find_by_sql__WRAPPED(*args, &block)
        result[0].profile if result[0].class.to_s=="User" # condition 1
        return result
      end
    end

    # condition 2
    User.module_eval "def pedit; self.class.transaction(self){}; end"

    # condition 3: first call can be done in any way
    # (thus direct, with send or with call)
    User.find(:first).method(:pedit).call
    # condition 4: second call must be with "call"
    User.find(:first).method(:pedit).call
  end
end

Thanks in advance

Mars