Check out _why’s Sandbox: http://redhanded.hobix.com/inspect/freakyfreakyNowResumesItsUsualSandlySelf.html
Actually it is more complicated than just SAFE. Sandbox pushes the level of the interpreter ‘up’ into another namespace so that core objects(e.g. Kernel) can’t be hacked. Allowing for cool stuff like running multiple interpreters inside of a single Ruby process. Also it is written in C that extends/changes Ruby to make it happen. Sandbox is now bundled into the Ruby distribution from 1.8.5+.