On Fri, 3 Dec 1999, Jules Bean wrote:
> On 3 Dec 1999, Jean-Marc Lasgouttes wrote:
>
> > >>>>> "Jules" == Jules Bean <[EMAIL PROTECTED]> writes:
> >
> > Jules> Do you mean you're passing the arguments as one big string, not
> > Jules> as separate arguments? This is dangerous, it relies on the
> > Jules> quoting characteristics of the user's SHELL.
> >
> > Well, we use system() and this invokes sh, right? So on unix, the
> > problems should be rare.
>
> Yeah. system() will be OK if you trust the /bin/sh to do what you expect
> on all systems. However, it's really hard to quote things properly (and,
> IIRC, it is sometimes not possible, with some versions of bourne shell, to
> quote something correctly)
E.g. you can't put ' inside a '-string:
sh-2.02$ echo 'as\'ds'
>
(it's waiting for the closing ')
Jules
/----------------+-------------------------------+---------------------\
| Jelibean aka | [EMAIL PROTECTED] | 6 Evelyn Rd |
| Jules aka | [EMAIL PROTECTED] | Richmond, Surrey |
| Julian Bean | [EMAIL PROTECTED] | TW9 2TF *UK* |
+----------------+-------------------------------+---------------------+
| War doesn't demonstrate who's right... just who's left. |
| When privacy is outlawed... only the outlaws have privacy. |
\----------------------------------------------------------------------/
