Although I doubt I'll ever get into trouble, if GNU parallel is restrictive then the only thing I'll lose is a run and I'll have a log to work with.
Warnings are ignored by people. On Sun, Feb 23, 2025 at 12:27 PM Ole Tange <ta...@gnu.org> wrote: > > GNU Parallel has had a (theoretical) security issue a few years back: > https://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html > > Therefore GNU Parallel tries to be conservative to avoid surprising > results. --unsafe will allow GNU parallel to run in environments and > on input that are untested and thus may cause surprising results and > even security issues, where an evil attacker can influence the > results. > > Think attacks similar to Shellshock: > https://en.wikipedia.org/wiki/Shellshock_(software_bug) > > This of course has a negative effect when I restrict e.g. $PWD can > only contain [-a-z0-9_+,.%@:/= ] and gives the bad experience that you > now have to use --unsafe to allow $PWD to contain other characters - > e.g. Japanese. Especially if GNU Parallel *does* the right thing. And > it is doubly bad because in version X you *must* use --unsafe, whereas > before version X you *must* not --unsafe. > > So I think there is a discussion to be had here: > > Should GNU Parallel just accept any input (including environment > variables) and use those? This may cause surprising results and even > security issues, because it has not been tested. > > Or should GNU Parallel be restrictive and force you to use --unsafe, > when you are doing something that is not tested. If you are forced to > use --unsafe all the time for something that is safe, it is time to > file a bug report and have a discussion how to make your situation > well tested and safe. > > A third option is to issue a warning instead of an error. This way the > command will run, but you will be made aware that you are doing > something untested. > > Let me hear your thoughts. > > /Ole >
