Re: Fdescfs updates--coming to a devfs near you!
On Sun, 17 Sep 2000, Adrian Filipi-Martin wrote: I recently ran into revelant problem with /dev/stdout, while working on some software under linux that expected /dev/stdout as an argument instead of using stdout. Using the device file breaks, if the process is suid to a non-root user. This is because it cannot open /dev/stdout, which is owned by your UID and not the EUID of the process to which the device was passed. My solution was to add the "-" hack and use the existing open descriptor. Um, open on fdesc devices doesn't check either uid. It just checks the access mode. Perhaps the software expected /dev/stdout to for read-write like a tty would be. Then opening /dev/stdout would fail for normal shell output redirection which only opens for writing. Bruce To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
On Tue, 19 Sep 2000, Bruce Evans wrote: On Sun, 17 Sep 2000, Adrian Filipi-Martin wrote: I recently ran into revelant problem with /dev/stdout, while working on some software under linux that expected /dev/stdout as an argument instead of using stdout. Using the device file breaks, if the process is suid to a non-root user. This is because it cannot open /dev/stdout, which is owned by your UID and not the EUID of the process to which the device was passed. My solution was to add the "-" hack and use the existing open descriptor. Um, open on fdesc devices doesn't check either uid. It just checks the access mode. Perhaps the software expected /dev/stdout to for read-write like a tty would be. Then opening /dev/stdout would fail for normal shell output redirection which only opens for writing. No, it wasn't a RW/W issue. I dug a little deeper. It looks like the BSD implmentation of /dev/stdout is smarter than the linux version. Linux's is a symlink into /proc and the device ownership is determined by the UID of the invoking user. I guess I wouldn't have have had a problem under BSD. no suprise here. Adrian -- [ [EMAIL PROTECTED] -- Ubergeeks Consulting -- http://www.ubergeeks.com/ ] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
On Thu, 14 Sep 2000, Ben Smithurst wrote:
Poul-Henning Kamp wrote:
I must admit that I think in general that /dev/std{in,out,err} and /dev/fd
is bogus. It looks like something which happened "because we can" more
than something which has a legitimate need.
You think adding a hack to every program to support "-" to mean
stdout/stdin is better? It seems to be that saying "/dev/stdin" when
you mean stdin is better than saying "-" and hoping the application
handles that correctly. Of course many programs will read stdin by
default, and write stdout by default, but that doesn't help when you
want to read more than one file, one of which is stdin.
If anything I would propose we ditch it...
And break loads of scripts at the same time?
I recently ran into revelant problem with /dev/stdout, while
working on some software under linux that expected /dev/stdout as an
argument instead of using stdout.
Using the device file breaks, if the process is suid to a non-root
user. This is because it cannot open /dev/stdout, which is owned by your
UID and not the EUID of the process to which the device was passed. My
solution was to add the "-" hack and use the existing open descriptor.
Still, I don't think /dev/stdout and friends are such bad things
that they should be abandoned. They are present in other OS's and it does
help avoid making named pipes and the such when you need the behavior the
special devices provide. I think it would simple create minor poratability
issues for third party software.
Adrian
--
[ [EMAIL PROTECTED] -- Ubergeeks Consulting -- http://www.ubergeeks.com/ ]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
On Thu, Sep 14, 2000 at 02:37:06PM +0200, Poul-Henning Kamp wrote: [...] The majority of these programs could be handled by adding knowledge of "-" as a magic filename to fopen(3). At the same time I would really love if we implemented "|.*" to mean "do an popen(3)" instead. This would break POSIX and raise a security flaw in many applications. fopen(3) *never* should perform a fork/exec. Scary. Bjoern -- -BEGIN GEEK CODE BLOCK- GCS d--(+) s++: a- C+++(-) UBOSI$ P+++(-) L---(++) !E W- N+ o+ K- !w !O !M !V PS++ PE- PGP++ t+++ !5 X++ tv- b+++ D++ G e+ h-- y+ --END GEEK CODE BLOCK-- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
The majority of these programs could be handled by adding knowledge of "-" as a magic filename to fopen(3). [.] I would argue that the programs and the scripts that call them are already broken, but hey... So (just to add fuel to the mass opposition), do this without temporary files: count=$(program | tee /dev/stderr | wc -l) exit $count But then, you also said: At the same time I would really love if we implemented "|.*" to mean "do an popen(3)" instead. so I guess this could result in count=$(program |. cat | wc -l) exit $count (substitute correct "|.*" syntax - whatever that is). -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 [EMAIL PROTECTED] | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. -- Brian [EMAIL PROTECTED]brian@[uk.]FreeBSD.org http://www.Awfulhak.org brian@[uk.]OpenBSD.org Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
On Thu, 14 Sep 2000, Julian Elischer wrote: I've never thought of a use for fdescfs... I used /dev/fd/1 just yesterday for a third-party precompiled binary that insists on outputting to a file specified on the command line. Slapping in /dev/fd/1 lets me stuff the command in a pipe chain. Same goes for /dev/fd/0. Other file descriptors, I'm less sure about :-) Robert N M Watson [EMAIL PROTECTED] http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
I've never thought of a use for fdescfs... -- __--_|\ Julian Elischer / \ [EMAIL PROTECTED] ( OZ) World tour 2000 --- X_.---._/ presently in: Perth v To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
On Thu, Sep 14, 2000 at 01:12:10AM -0700, Julian Elischer wrote: I've never thought of a use for fdescfs... Well.. just a trivial example - imagine a program which takes a filename as an argument; imagine yourself trying to pipe something into it - passing /dev/fd/0 as a filename to process would do the trick. G'luck, Peter -- .sith ekil ti gnidaer eb d'uoy ,werbeH ni erew ecnetnes siht fI To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
In message [EMAIL PROTECTED], Peter Pentchev writes
:
On Thu, Sep 14, 2000 at 01:12:10AM -0700, Julian Elischer wrote:
I've never thought of a use for fdescfs...
Well.. just a trivial example - imagine a program which takes a filename
as an argument; imagine yourself trying to pipe something into it -
passing /dev/fd/0 as a filename to process would do the trick.
I must admit that I think in general that /dev/std{in,out,err} and /dev/fd
is bogus. It looks like something which happened "because we can" more
than something which has a legitimate need.
If anything I would propose we ditch it...
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
[EMAIL PROTECTED] | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
Poul-Henning Kamp wrote:
I must admit that I think in general that /dev/std{in,out,err} and /dev/fd
is bogus. It looks like something which happened "because we can" more
than something which has a legitimate need.
You think adding a hack to every program to support "-" to mean
stdout/stdin is better? It seems to be that saying "/dev/stdin" when
you mean stdin is better than saying "-" and hoping the application
handles that correctly. Of course many programs will read stdin by
default, and write stdout by default, but that doesn't help when you
want to read more than one file, one of which is stdin.
If anything I would propose we ditch it...
And break loads of scripts at the same time?
--
Ben Smithurst / [EMAIL PROTECTED] / PGP: 0x99392F7D
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
In message [EMAIL PROTECTED], Ben Smithurs
t writes:
Poul-Henning Kamp wrote:
I must admit that I think in general that /dev/std{in,out,err} and /dev/fd
is bogus. It looks like something which happened "because we can" more
than something which has a legitimate need.
You think adding a hack to every program to support "-" to mean
stdout/stdin is better?
The majority of these programs could be handled by adding knowledge
of "-" as a magic filename to fopen(3).
At the same time I would really love if we implemented "|.*" to mean
"do an popen(3)" instead.
But of course, this is bikeshed material...
If anything I would propose we ditch it...
And break loads of scripts at the same time?
I would argue that the programs and the scripts that call them are
already broken, but hey...
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
[EMAIL PROTECTED] | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
On Thu, Sep 14, 2000 at 02:37:06PM +0200, Poul-Henning Kamp wrote: [snip] The majority of these programs could be handled by adding knowledge of "-" as a magic filename to fopen(3). At the same time I would really love if we implemented "|.*" to mean "do an popen(3)" instead. Heh, and break security on loads of cgi-scripts while we're at it? Greetz, Peter -- dataloss networks '/ignore-ance is bliss' - me To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
[EMAIL PROTECTED] said: :- The majority of these programs could be handled by adding knowledge of :- "-" as a magic filename to fopen(3). Suppose I *want* a filename called "-"? My tough luck, huh? I *like* /dev/stdin. It's orthogonal! -- Robert Withrow -- (+1 978 288 8256) [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
[EMAIL PROTECTED] said: :- The majority of these programs could be handled by adding knowledge of :- "-" as a magic filename to fopen(3). Suppose I *want* a filename called "-"? My tough luck, huh? Could you settle for "./-"? Robert Withrow -- (+1 978 288 8256) [EMAIL PROTECTED] --Johnny To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
Poul-Henning Kamp writes:
In message [EMAIL PROTECTED], Ben Smithurs
t writes:
Poul-Henning Kamp wrote:
I must admit that I think in general that /dev/std{in,out,err} and /dev/fd
is bogus. It looks like something which happened "because we can" more
than something which has a legitimate need.
You think adding a hack to every program to support "-" to mean
stdout/stdin is better?
The majority of these programs could be handled by adding knowledge
of "-" as a magic filename to fopen(3).
Ugh. So what happens when you *really* want to read a filed called
"-"? Adding magic characters to low-level calls is a bad idea.
I believe /dev/fd originated in Unix v8 (or maybe plan 9) to provide a
uniform mechanism to get a class of process-internal objects where
they can be manipulated by shell scripts. If that's the case, it's
provenance is impeccable.
At the same time I would really love if we implemented "|.*" to mean
"do an popen(3)" instead.
Again, putting magic character recognition in a low-level call is a
bad idea. Worse yet, this kind of thing is really useful in shells
(which don't generally have the ability to manipulate fd's). Consider
trying to use that syntax in the shell?
Which is why modern shells that implement this kind of thing use a
different syntax. Of course, they depend on something like /dev/fd or
named pipes to provide this feature.
But of course, this is bikeshed material...
Most certainly. If you really want to make C programming look like
Perl programming, could you do it by adding new library calls, instead
of changing the semantics of existing ones?
mike
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
In message [EMAIL PROTECTED], Robert Withro w writes: [EMAIL PROTECTED] said: :- The majority of these programs could be handled by adding knowledge of :- "-" as a magic filename to fopen(3). Suppose I *want* a filename called "-"? My tough luck, huh? ./- Very few programs understand the filename "-" unless it is special cased to mean stdin/stdout -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 [EMAIL PROTECTED] | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
Poul-Henning Kamp wrote:
I must admit that I think in general that /dev/std{in,out,err} and /dev/fd
is bogus. It looks like something which happened "because we can" more
than something which has a legitimate need.
I strongly disagree. I actually have a script that I use daily which requires
a filename as an argument. By handing it /dev/stdin, I can make it take
output as a part of a pipe. A _very_ useful little feature, IMNSHO.
As far as fdescfs, well, Unixware has something very like it, and I believe
that other commercial Unices do as well. I suspect that it's useful to
some, if not to all.
One thing about end users as opposed to engineers, they put this stuff to
uses that we can't even imagine. Never underestimate the sheer ingenuity
of a relatively naive user. :-)
--
Frank Mayhar [EMAIL PROTECTED] http://www.exit.com/
Exit Consulting http://store.exit.com/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
On Thu, 14 Sep 2000 11:48:58 +0200, Poul-Henning Kamp [EMAIL PROTECTED] said:
I must admit that I think in general that /dev/std{in,out,err} and /dev/fd
is bogus. It looks like something which happened "because we can" more
than something which has a legitimate need.
It's required if we ever get around to supporting secure set-id shell
scripts. (I think this was the rationale for originally introducing
it.) It also helps when bogus programs refuse to read from the
standard input.
-GAWollman
--
Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same
[EMAIL PROTECTED] | O Siem / The fires of freedom
Opinions not those of| Dance in the burning flame
MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
Garrett Wollman wrote:
[/dev/stdin] also helps when bogus programs refuse to read from the
standard input.
Or if you want to read more than one file, one of which is standard input.
e.g.
gzip -dc oldlogs.*.gz | cat /dev/stdin todays-log | log-analyzer ...
Of course that will work with "-" instead of "/dev/stdin" but I
personally think it's the "-" hack to mean stdin/stdout which should be
abolished, not /dev/std{in,out,err}. No doubt others will disagree.
--
Ben Smithurst / [EMAIL PROTECTED] / PGP: 0x99392F7D
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
Poul-Henning Kamp wrote:
In message [EMAIL PROTECTED], Peter Pentchev writes
:
On Thu, Sep 14, 2000 at 01:12:10AM -0700, Julian Elischer wrote:
I've never thought of a use for fdescfs...
Well.. just a trivial example - imagine a program which takes a filename
as an argument; imagine yourself trying to pipe something into it -
passing /dev/fd/0 as a filename to process would do the trick.
I must admit that I think in general that /dev/std{in,out,err} and /dev/fd
is bogus. It looks like something which happened "because we can" more
than something which has a legitimate need.
How about the fact that the printing chapter in the Handbook uses /dev/fd/0
in its example of setting up a print filter using ghostscript since gs
doesn't read from stdin by default or use '-' for that purpose. Hmmm??
If anything I would propose we ditch it...
Tools, not policy, as you are so fond of saying.
--
John Baldwin [EMAIL PROTECTED] -- http://www.FreeBSD.org/~jhb/
"Power Users Use the Power to Serve!" - http://www.FreeBSD.org/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
On Thu, 14 Sep 2000, John Baldwin wrote:
Poul-Henning Kamp wrote:
In message [EMAIL PROTECTED], Peter Pentchev writes
I must admit that I think in general that /dev/std{in,out,err} and /dev/fd
is bogus. It looks like something which happened "because we can" more
than something which has a legitimate need.
How about the fact that the printing chapter in the Handbook uses /dev/fd/0
in its example of setting up a print filter using ghostscript since gs
doesn't read from stdin by default or use '-' for that purpose. Hmmm??
Actually, I think it should be the other way around: if anything should
go, it's the use of '-' in programs/scripts. The only advantage is that
it saves keystrokes.
I agree, /dev/std{in,out} is a very neat and elegant way of working with
stdin/out. If anything is the kludge, it's '-', and it's really vague as
to what it means. With /dev/std{in,out}, there's no doubt as to what's
going on with file ops. Plus, it's the unix way (tm) of doing
things. Almost all Unices have this, don't they? This means there's
likely to be some cross-platform shell scripts that use those things.
- Donn
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
At 11:48 AM +0200 9/14/00, Poul-Henning Kamp wrote:
I must admit that I think in general that /dev/std{in,out,err}
and /dev/fd is bogus. It looks like something which happened
"because we can" more than something which has a legitimate need.
If anything I would propose we ditch it...
I think it is a reasonable feature to have. It probably won't
be useful all that often, but it could be very useful in some
situations. I know I've hit situations where I wished I could
do something like this, but I couldn't tell you an example
right this minute.
So, I wouldn't want to see fdesfs ditched, but on the other
hand I don't have any clue how to address the loose ends that
Chris mentioned in his initial message. :-)
---
Garance Alistair Drosehn = [EMAIL PROTECTED]
Senior Systems Programmer or [EMAIL PROTECTED]
Rensselaer Polytechnic Institute
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: Fdescfs updates--coming to a devfs near you!
In message [EMAIL PROTECTED] Garrett Wollman writes: : It's required if we ever get around to supporting secure set-id shell : scripts. (I think this was the rationale for originally introducing : it.) It also helps when bogus programs refuse to read from the : standard input. I'd like to see us enable that. It would remove the need to have setuid perl, for example. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
