bug-gawk
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-gawk] empty AWK*PATH inconsistency


From: Andrew J. Schorr
Subject: Re: [bug-gawk] empty AWK*PATH inconsistency
Date: Thu, 9 Oct 2014 09:24:36 -0400
User-agent: Mutt/1.5.23 (2014-03-12)

On Thu, Oct 09, 2014 at 09:59:39AM +0200, Robert Figura wrote:
> On Mon, 6 Oct 2014 13:03:32 -0400
> "Andrew J. Schorr"
> <address@hidden>
> wrote:
> 
> > There's also a question of whether the current working directory (cwd) 
> > should
> > be searched automatically or not.  At the moment, the cwd is searched
> > before AWKPATH, but not before AWKLIBPATH.
> 
> I've run into problems when . is searched before AWKPATH.
...
> I feel that should be seen as security problem. My workaround is to
> have a wrapper for awk that cd's into a directory that is safe...

I must confess that I also do not understand why the default value
of AWKPATH starts with ".", as in:

   bash-4.2$ awk 'BEGIN {print ENVIRON["AWKPATH"]}'
   .:/usr/share/awk

but then the code also forces a search of the current working directory
before using AWKPATH.  It seems to me that one or the other should be
sufficient.

If I could start over, I'd probably remove the automatic search of the
current working directory and rely upon AWKPATH for that, but I worry
that this might break existing code that depends on this behavior.  That
being said, my guess is that most users do not change AWKPATH, so it
would probably be safe to remove the automatic search of the current working
directory.

On the other hand, if we disable the automatic search of the CWD, and AWKPATH
was somehow modified such that it did not start with ".", then it might be very
counterintuitive for somebody to run "gawk -f foo.awk" and discover that it
was not loading the file foo.awk in the CWD.  Another pssibility is to force
a search of CWD only for files specified on the command-line with -f, but not 
for
files loaded with -i or @include.  I'm not sure of the right answer.

Regards,
Andy



reply via email to

[Prev in Thread] Current Thread [Next in Thread]