Hello!
On Tue, Aug 24, 1999 at 03:41:18AM +1000, Fergus Henderson wrote:
> [...]
> This is a convenient hack, but IMHO it is not suitable for inclusion
> in the Haskell standard library, because it increases the risk of
> security holes in Haskell applications.
I agree. I don't like that similar hack in Perl either.
> A better alternative would be to provide a new function named
> "openFileOrPipe" with this augmented functionality.
Even better something akin to C's popen(3), where the mode (do
you send data from or to the external program) is specified by a
second parameter instead of implicitly by | symbols somewhere in
the first parameter.
Perhaps we could do some popen2 in the same run:
popen2 :: String -> IO (Handle, Handle), yielding two pipes (stdin
and stdout).
Or more low level, pass the command in a form ready for execve(),
i.e. full path to the program (perhaps a ...p variant which still
searches the PATH), argument vector, environment vector. That's
more secure than having *only* a variant which uses sh -c.
Regards, Hannah.
