--- ruby-1.8.1/eval.c.cve-2006-3694-3	2006-07-27 21:35:11.767210927 -0600
+++ ruby-1.8.1/eval.c	2006-07-27 21:40:30.087912382 -0600
@@ -1930,7 +1930,8 @@ rb_alias(klass, name, def)
 
     rb_clear_cache_by_id(name);
     st_insert(RCLASS(klass)->m_tbl, name,
-      (st_data_t)NEW_METHOD(NEW_FBODY(body, def, origin), orig->nd_noex));
+	     (st_data_t)NEW_METHOD(NEW_FBODY(body, def, origin),
+				   NOEX_WITH_SAFE(orig->nd_noex)));
     if (singleton) {
 	rb_funcall(singleton, singleton_added, 1, ID2SYM(name));
     }
@@ -5022,6 +5023,11 @@ rb_call0(klass, recv, id, oid, argc, arg
     TMP_PROTECT;
     volatile int safe = -1;
 
+    if (NOEX_SAFE(flags) > ruby_safe_level &&
+       !(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) {
+       rb_raise(rb_eSecurityError, "calling insecure method: %s",
+		rb_id2name(id));
+    }
     switch (ruby_iter->iter) {
       case ITER_PRE:
 	itr = ITER_CUR;
@@ -5122,10 +5128,6 @@ rb_call0(klass, recv, id, oid, argc, arg
 	    b2 = body = body->nd_next;
 
 	    if (NOEX_SAFE(flags) > ruby_safe_level) {
-		if (!(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) {
-		    rb_raise(rb_eSecurityError, "calling insecure method: %s",
-			     rb_id2name(id));
-		}
 		safe = ruby_safe_level;
 		ruby_safe_level = NOEX_SAFE(flags);
 	    }