> -----Original Message----- > From: openwrt-devel [mailto:[email protected]] > On Behalf Of Jo-Philipp Wich > Sent: Mittwoch, 15. Juli 2020 14:19 > To: [email protected]; [email protected] > Subject: Re: [RFC PATCH v2 0/1] Introduce UCI support for configuring DSA > VLAN filter rules > > Hi, > > > I'm not sure whether using an asterisk is wise here, as it might pose > > interesting problems when people use scripts to set/evaluate uci > > config (as you have to be extra careful to not have it treated as a > > wildcard.) I'd be happy if we could find another symbol here. > > hm, can you elaborate on the problem here? Scripts which use uci values > verbatim without quoting are prone to any kind of shell injection flaws, not > sure if papering over such deficiencies is the way to go here.
I'm not having a specific case in mind; and of course you are right about unquoted values. However, I just tend to not use certain special characters as a symbol without need as there always will be a case where "problems" show up later. For example, one might create interesting effects when using sed on uci config values (same would be true for the dot in swconfig at the moment, I admit). Of course, this is just for consideration, I won't insist on it if you think the asterisk is a superior solution here. Best Adrian > > ~ Jo
openpgp-digital-signature.asc
Description: PGP signature
_______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
