Wouldn't it need to happen at a lower level than merely having some bindings to tame()? I mean, the interpreter itself wouldn't be subject to tame(), even if some specific C calls made within your Python or Ruby program are; when you call a Python or Ruby function that makes syscalls on your behalf (which is a lot of syscalls), they wouldn't be subject to tame(). But, maybe I'm misunderstanding how it works. It doesn't appear to be a switch that turns on tame() for the whole process.
I don't know that it would be useless when wrapped and called from Python or Ruby, but it seems unlikely to have the same effect it has on C code (but, then again, C code needs a lot more help than Python or Ruby).
Wouldn't tame applied to the process that called it? And for an interpreted language, that would be the interpreter. And if the interpreter can't is unable to do something, then the interpreted code would be unable to do it too.
Ah, yes, I guess you're right. I was thinking this wasn't just a switch for the whole process, but reading the examples again, I see that it is a switch for the whole process. So, it isn't as comparable to taint (which attaches to data, rather than the whole process) as I'd initially thought, except in the sense of being an automated method to prevent some kinds of stupid security mistakes.
