Re: [dev][project] soap - a simple xdg-open replacement

From: FRIGN <dev_AT_frign.de>
Date: Sun, 4 May 2014 14:07:25 +0200

On Sun, 4 May 2014 12:48:38 +0100
Chris Down <chris_AT_chrisdown.name> wrote:

> I did not see that, however that still doesn't really resolve the
> problem. You don't know which shell the user is using.

I suppose taking care of a properly-fortified regex + the included
security from the shell-escapes is sufficient.
Can you give me an example for a shell which can't interpret strings
escaped this way?
 
> This does not resolve all problems, anyway. Consider `foo 'bar %s'`.

Granted, this problem would exist, if a program designed like foo
existed. I'd consider this a faulty design.
I'm always happy to learn, but the programs I know, which take
commands as arguments, usually do it with a flag at the end followed by
_unquoted_ arguments.
Taking st for example, executing a program in a new shell works this
way:

$ st (opts) -e (command)

Taking one line from the config.h, handling mp3's equates to executing
this command:

{ "\.mp3", "st -e mplayer %s" }

This behaviour is consistent across most terminal emulators I know.

Now, we might ask ourselves if this really is a deficiency in soap or a
general shell-concern, which has already been adressed broadly.

Cheers

FRIGN

-- 
FRIGN <dev_AT_frign.de>
Received on Sun May 04 2014 - 14:07:25 CEST

This archive was generated by hypermail 2.3.0 : Sun May 04 2014 - 14:12:07 CEST