From owner-freebsd-standards  Tue Mar 19  2: 7: 1 2002
Delivered-To: freebsd-standards@freebsd.org
Received: from descent.robbins.dropbear.id.au (211.c.004.mel.iprimus.net.au [210.50.38.211])
	by hub.freebsd.org (Postfix) with ESMTP id 2564A37B404
	for <freebsd-standards@FreeBSD.ORG>; Tue, 19 Mar 2002 02:06:56 -0800 (PST)
Received: (from tim@localhost)
	by descent.robbins.dropbear.id.au (8.11.6/8.11.6) id g2JA5pc02696;
	Tue, 19 Mar 2002 21:05:51 +1100 (EST)
	(envelope-from tim)
Date: Tue, 19 Mar 2002 21:05:50 +1100
From: "Tim J. Robbins" <tim@robbins.dropbear.id.au>
To: Peter Pentchev <roam@ringlet.net>
Cc: freebsd-standards@FreeBSD.ORG
Subject: Re: standards/36076: Implementation of POSIX fuser command
Message-ID: <20020319210550.A2621@descent.robbins.dropbear.id.au>
References: <200203190810.g2J8A3761846@freefall.freebsd.org> <20020319110634.H9136@straylight.oblivion.bg>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <20020319110634.H9136@straylight.oblivion.bg>; from roam@ringlet.net on Tue, Mar 19, 2002 at 11:06:34AM +0200
Sender: owner-freebsd-standards@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-standards.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-standards>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-standards>
X-Loop: FreeBSD.ORG

On Tue, Mar 19, 2002 at 11:06:34AM +0200, Peter Pentchev wrote:

> I must admit that I am a bit wary of having a shell script wrapper;
> there are many ways a shell command could go wrong - field separators,
> backticks, variable expansions...  IMVHO, a Perl script might make
> things a bit more secure.  What do others think?

I was under the impression that FreeBSD was slowly moving away from
having perl in the base system but I'll write a perl version if necessary,
but even that won't remove some limitations (eg. spaces in command names).

AFAIK, the only problem with the current fuser script is that it chokes
on filenames with quotes in them (due to the |awk).

The only safe way to do it is to write it in C using similar techniques
to those fstat uses, but that requires more effort and introduces yet
another sgid kmem binary.

Although not an excuse for introducing new 'bad' code into the tree,
it's worth pointing out that rcp/scp can't copy files with shell meta-
characters in their names, and nobody seems to have complained.


Tim

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-standards" in the body of the message