bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sourcing a script from a pipe is not reliable


From: Chet Ramey
Subject: Re: Sourcing a script from a pipe is not reliable
Date: Thu, 10 Jan 2019 14:59:50 -0500
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.4.0

On 1/10/19 2:52 PM, Jeremy wrote:

> This bug seems not to be in current versions of bash 4.x, but I have not
> made an exhaustive study. The thing is I do not have control over which
> versions of bash people use to run the script, so I need a workaround. I
> was hoping this was a known bug with a known cause and a known workaround
> that would continue to be very portable. Alternatively, if we can narrow
> down which versions of bash are affected, then we can consider doing a
> specific check for that.
> 
> So far we have been able to limit this script to read operations so that it
> can run unprivileged on a read-only file system as it is read from a
> stream. That is why we are generating the script inline like this, and why
> I am not happy with the obvious workaround of sourcing a file instead of
> /dev/stdin.

Have you considered reading stdin into a string (if it's one line) or an
array (if it's more) and using `eval' on it? That obviously works better
if it's one line, but could be made to work on multiple lines.

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    address@hidden    http://tiswww.cwru.edu/~chet/



reply via email to

[Prev in Thread] Current Thread [Next in Thread]