begin quoting James G. Sack (jim) as of Sun, Apr 30, 2006 at 07:20:59PM -0700: [snip] > 1) if you wish a script to be useful in a variety of environments.. > use #!/usr/bin/env prog
I really must remember to do that. I'm in the habit of customizing scripts to the machine, rather than trying to write a script that will run everywhere... if I want run-everywhere, I tend to reach for Java. I know TCL and perl are basically ubiquitous... they just don't FEEL that way to me. I haven't internalized that knowledge. > 2) but if a script is (say) o+x and (eg, for security) you wish the > script NOT to execute anything other than the known program at the known > absolute path, then you probably should hard code the path appropriate > for that host. So you have /usr/bin/interpreter, and $HOME/bin/interpreter, and you want the former to be used and the latter not to be used... how can you enforce it? You can't. A script needs +rx to be interpreted (+x alone won't do). So $HOME/bin/interpreter scriptname works just as well as /path/to/scriptname (for all of the scripting languages I know of that work with #! anyway). You don't even need +x for the script. One approach is to rerun the script from within the script using the known-good interpreter, but then, if you're worried about a compromised interpreter, that won't help much. So avoiding the env trick doesn't really buy you anything. Hm... Except the env-trick breaks file(1). I like file. That's something. -- _ |\_ \| -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
