On Tue, Jun 26, 2018 at 04:46:18PM -0400, Eric Sunshine wrote:
> > I'm not sure if there's a good solution, though. Even if you retained
> > the subshells and instead did a chain-lint inside each subshell, like
> > this:
> >
> > (exit 117) &&
> > one &&
> > (
> > (exit 117) &&
> > cd foo
> > two
> > ) &&
> > three
>
> I thought of that too, but the inner (exit 117) doesn't even get
> invoked unless there is &&-chain breakage somewhere above that point
> (for instance, if "one" lacks "&&"), so the inner (exit 117) doesn't
> participate in the linting process at all.
Oh, right. Not only does it not fix the problem, it's totally
unworkable. :)
> Some of these dangers can be de-thoothed during the linting phase by
> defining do-nothing shell functions:
>
> cp () { :; }
> mv () { :; }
> ln () { :; }
>
> That, at least, makes the scariest case ("rm") much less so.
Now that's an interesting idea. We can't catch every dangerous action
(notably ">" would be hard to override), but it should be pretty cheap
to cover some obvious ones.
-Peff
