Mike Hommey m...@glandium.org writes:
On Thu, Jul 02, 2009 at 02:26:21PM -0700, Russ Allbery wrote:
Jonathan Yu jonathan.i...@gmail.com writes:
How to fix them? Write Perl scripts, and turn on taint checking --
that fixes the four issues above, because it makes the script exit if
any of
Hi,
it seems to me that the current CDPATH behaviour is verry strange and
extremly dangerous for shell scripts.
For those that have never heart of CDPATH it does 2 things:
1) a relative cd command with search the CDPATH for the given
directory. If unset then '.' is used.
2) it outputs the
[...]
So what is the right course of action here?
1) unset CDPATH in every single shell script there is?
2) never use relartive paths for cd in scripts?
3) shoot the user for doing something dumb?
4) disable CDPATH in /bin/sh (or is that POSIX?) or non-interactive
scripts (would break
Hi:
There are lots of variables which do nasty things.
In particular (copying this from perldoc of a module I wrote):
PATH
PATH provides a list of paths to search for executables, which
influences which commands are invoked by unqualified calls to system()
and others. This variable is
Jonathan Yu jonathan.i...@gmail.com writes:
How to fix them? Write Perl scripts, and turn on taint checking --
that fixes the four issues above, because it makes the script exit if
any of them look dangerous. Env::Sanctify::Auto is a Perl module that
automatically cleans up the paths.
My
On Thu, Jul 2, 2009 at 5:26 PM, Russ Allberyr...@debian.org wrote:
Jonathan Yu jonathan.i...@gmail.com writes:
How to fix them? Write Perl scripts, and turn on taint checking --
that fixes the four issues above, because it makes the script exit if
any of them look dangerous.
Russ Allbery r...@debian.org writes:
Jonathan Yu jonathan.i...@gmail.com writes:
How to fix them? Write Perl scripts, and turn on taint checking --
that fixes the four issues above, because it makes the script exit if
any of them look dangerous. Env::Sanctify::Auto is a Perl module that
On Thu, Jul 2, 2009 at 5:44 PM, Goswin von Brederlowgoswin-...@web.de wrote:
Russ Allbery r...@debian.org writes:
Jonathan Yu jonathan.i...@gmail.com writes:
How to fix them? Write Perl scripts, and turn on taint checking --
that fixes the four issues above, because it makes the script exit
Jonathan Yu jonathan.i...@gmail.com writes:
On Thu, Jul 2, 2009 at 5:26 PM, Russ Allberyr...@debian.org wrote:
I would really prefer that people not start writing maintainer
scripts in Perl as a matter of course. Perl is harder to analyze for
programs like lintian than shell scripts (which
Jonathan Yu jonathan.i...@gmail.com writes:
Another option might be to break from POSIX/etc policy (I'm not sure
where these variables are defined) and patch our command like 'cd' to
simply ignore 'CDPATH' etc. But I suppose this would then require
patches in all the various shells available
On Fri, Jul 03, 2009 at 01:01:41AM +0200, Goswin von Brederlow wrote:
As a middle ground I wouldn't mind $SHELL to unset CDPATH when it
switches from an interactive shell to a non-interactive shell, when a
script with #! $SHELL is executed. That one is just to damn scary.
I don't think that's
On Thu, Jul 02, 2009 at 02:26:21PM -0700, Russ Allbery wrote:
Jonathan Yu jonathan.i...@gmail.com writes:
How to fix them? Write Perl scripts, and turn on taint checking --
that fixes the four issues above, because it makes the script exit if
any of them look dangerous.
12 matches
Mail list logo
