|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: David Wheeler (dwheeler
IDA.ORG)Date: Sun Feb 04 2001 - 22:37:56 CST
Matt Block said:
>Most of the merit of the points I discussed in my response to your
>advisory can be subsumed in a difference of opinion as to whether the
>BROWSER implementation is intended to pass through shell interpretation
>or not.
Perhaps Eric Raymond didn't mean it, but his demo C patch of urlview
clearly calls system(), which in C invokes the shell.
I don't have my Emacs LISP documents handy, but his emacs LISP code
invokes the URL using: "(start-process-shell-command
url nil (format ,command url)" -- given the function name I expect that it
calls the shell too.
Certainly the safest approach would be to specify that this convention
must _NOT_ call through the shell; there's no real requirement for it!
If the convention doesn't call the shell, but a user wants
the shell's abilities, that user can simply write a shell script and list
that script's name in the BROWSER command. In any case, this question
needs to be clearly specified, or the same BROWSER command will be
interpreted in different ways by different programs.
This kind of ambiguity is pretty common in a brand-new proposal.
> - Second, extend the BROWSER standard by adding an optional regular
> expression of patterns on which the particular browser will choke
I think this requires too much of the library/application developers -
they'd have to parse and obey a separate command set.
It'd be easier to simply specify standard substitutions that are always
done, and if the user doesn't like it, the user can write a single
wrapper program and specify the wrapper instead (that way all the other
programs will call it). Requiring a few "harmless" substitutions that that
won't matter for some, but will protect others, sounds like a bargain,
especially if you're doing substitutions anyway.
I'll rethink this and try again. I'll probably post a URL instead of the
entire contents, just to reduce mailing list bandwidth.
> Has similar thought been given to other commonly set environment
> variables? Any effort to sanitize EDITOR, PAGER, MAILER, ...? I
> haven't been in the habit of respecting these, mostly because I haven't
> really had cause, so I don't know what work has been done in this area.
I don't know. Anyone?
----- David A. Wheeler dwheeler
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]