[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Proposal] Why not add a "shell" procedure?

From: Mark H Weaver
Subject: Re: [Proposal] Why not add a "shell" procedure?
Date: Sun, 13 May 2012 14:29:12 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.92 (gnu/linux)

Hi Nala,

Nala Ginrut <address@hidden> writes:
> (define %current-shell (getenv "SHELL"))
> (use-modules (ice-9 popen) (rnrs io ports))
> (define shell
>    (lambda (cmd)
>        (let ((str (string-append %current-shell " -c " cmd)))
>           (get-string-all (open-pipe str OPEN_READ)))))

(open-pipe <STRING> ...) already does '/bin/sh -c <STRING>', so (shell
<STRING>) does '/bin/sh -c "<SHELL> -c <STRING>"', i.e. it launches a
shell within a shell.  This is wasteful, and might also exacerbate
problems when shell metacharacters are present in <STRING> or <SHELL>.

Therefore, better do (open-pipe* OPEN_READ %current-shell "-c" cmd)

Also, I recommend making '%current-shell' a fluid, and perhaps adding a
keyword argument to 'shell' to specify the shell directly, so that
'%current-shell' is only used as the default for the keyword argument.

Note that although it is convenient to pass strings directly to the
shell, it is fraught with security risks due to the complexity of
escaping shell metacharacters properly, especially given the diversity
of shells and shell configurations.  Therefore, it is better not to
encourage this way of doing things.  It is generally better to use
'open-pipe*' or 'system*' directly, to avoid the shell entirely.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]