[gentoo-dev] Re: escaping variables in sed expressions
Ciaran McCreesh wrote: Nor do most Unix apps, since they tend to be written in C using all those C library functions that work on null terminated strings. Null introduces far more problems than it solves, character-wise... ..but it's fine as a terminator, if you know what you're doing. -- gentoo-dev@lists.gentoo.org mailing list
Re: [gentoo-dev] Re: escaping variables in sed expressions
On Thu, Apr 17, 2008 at 6:31 AM, Duncan [EMAIL PROTECTED] wrote: While you are almost certainly correct on POSIX/Unix filenames and the shell won't accept / in a filename, IIRC (from reading) it's often possible for C programs to code a literal / in a filename, and possible for some filesystems (also written in C, generally) to accept it. Thus, while POSIX/Unix standards don't allow it, in practice, it's sometimes possible, if rare. If that's possible, we shouldn't support it anyway. If someone wants to use /var/tmp/port\/age we'll just stab him, if someone releases a tarball with such filenames we'll stab him, too. -- Santiago M. Mola Jabber ID: [EMAIL PROTECTED] -- gentoo-dev@lists.gentoo.org mailing list
[gentoo-dev] Re: escaping variables in sed expressions
Rémi Cardona [EMAIL PROTECTED] posted [EMAIL PROTECTED], excerpted below, on Thu, 17 Apr 2008 07:49:23 +0200: Duncan a écrit : Whatever your faults, you /do/ tend to be quite accurate on such things. Wow, you've managed to turn a nice technical discussion (which is rare enough in recent history) into a let's-start-bashing-people thread. You've lost all credibility in just one sentence... Pity. Thanks, someone, for mailing me offlist about this. I'm incredibly sorry it was apparently taken negatively, as I had an entirely different meaning in mind, but it obviously didn't come thru as I intended. I'm not sure I can explain without inserting my foot even further into my mouth, but I'll try. I was intending to acknowledge the potential wound but communicate my respect for the person and the technical expertise and appreciation for fineness of detail I've repeatedly seen him demonstrate. Unfortunately, it seems I screwed up big time and that's not the way it came out; rather than respect, it seemed like dissing. So I unconditionally apologize for screwing up. Again, thanks for rightfully pointing that out, and thanks as well to the person that notified me and tried to help. -- Duncan - List replies preferred. No HTML msgs. Every nonfree program has a lord, a master -- and if you use the program, he is your master. Richard Stallman -- gentoo-dev@lists.gentoo.org mailing list
[gentoo-dev] Re: escaping variables in sed expressions
Santiago M. Mola [EMAIL PROTECTED] posted [EMAIL PROTECTED], excerpted below, on Thu, 17 Apr 2008 11:51:32 +0200: If that's possible, we shouldn't support it anyway. If someone wants to use /var/tmp/port\/age we'll just stab him, if someone releases a tarball with such filenames we'll stab him, too. Agreed. It's not a question of Gentoo support I'm worried about, but of the absolute statement and someone coming across it and relying on it in a (possibly unrelated) context in which it perhaps isn't possible to rely on, to unknown negative consequences possibly including security issues. Also, as it's in the upthread, just in case someone doesn't get the apology I just sent, let me again unconditionally apologize for the very big screwup I made of things above. It didn't come out the way I intended at all, and I thank someone for rightfully pointing that out, and also the person who brought it to my attention offlist and allowing me to try to correct the problem -- tho I realize it's not something that really /can/ be entirely corrected. -- Duncan - List replies preferred. No HTML msgs. Every nonfree program has a lord, a master -- and if you use the program, he is your master. Richard Stallman -- gentoo-dev@lists.gentoo.org mailing list
[gentoo-dev] Re: escaping variables in sed expressions
Ciaran McCreesh [EMAIL PROTECTED] posted [EMAIL PROTECTED], excerpted below, on Wed, 16 Apr 2008 18:24:05 +0100: On Wed, 16 Apr 2008 19:17:51 +0200 Frank Gruellich [EMAIL PROTECTED] wrote: I was not able to create a filename or path containing it. (Anyone else?) Unix file names can't contain / or null. Feel free to correct me if I'm mistaken, but I believe I was reading somewhere and /thought/ it was this list... While you are almost certainly correct on POSIX/Unix filenames and the shell won't accept / in a filename, IIRC (from reading) it's often possible for C programs to code a literal / in a filename, and possible for some filesystems (also written in C, generally) to accept it. Thus, while POSIX/Unix standards don't allow it, in practice, it's sometimes possible, if rare. This was an entirely new idea to me when I read it, but it sounded like just the sort of filesystem implementation detail one might overlook, so I remembered it, I /believe/ accurately. Whatever your faults, you /do/ tend to be quite accurate on such things, so if you'd either confirm this or disabuse me of my misinformation, I'd definitely appreciate it. If it's correct, it's certainly worth considering before one starts making absolutist assumptions and statements that could be wrong in some cases, particularly as such bad assumptions seem to often lead ultimately to security faults. -- Duncan - List replies preferred. No HTML msgs. Every nonfree program has a lord, a master -- and if you use the program, he is your master. Richard Stallman -- gentoo-dev@lists.gentoo.org mailing list
Re: [gentoo-dev] Re: escaping variables in sed expressions
Duncan a écrit : Whatever your faults, you /do/ tend to be quite accurate on such things. Wow, you've managed to turn a nice technical discussion (which is rare enough in recent history) into a let's-start-bashing-people thread. You've lost all credibility in just one sentence... Pity. If it's correct, it's certainly worth considering before one starts making absolutist assumptions and statements that could be wrong in some cases, particularly as such bad assumptions seem to often lead ultimately to security faults. Well gee, thanks for considering Gentoo security, I feel so much better now. Seriously though, please leave the condescending tone of your post at the door. This post of yours is seriously out of line (imho). Thanks Rémi -- gentoo-dev@lists.gentoo.org mailing list
