[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: protecting shell fds



I agree with the current position.  However, I'd just like to inject some
more things for consideration.

At the moment, if I understand correctly without examining the code in
detail, es handles fd's 0, 1 and 2 in a similar way to how rc does: that is,
it keeps 0, 1 and 2 open during shell operation on what they were open on
when the shell was invoked.  This means that there is less work to do in
a child after forking, since 0, 1 and 2 already have the right things on
them.  It does have one disadvantage which to my mind is quite serious:
namely, it makes it impossible (well, very very hard) to execute builtins
with redirections unless you fork.  This is really, really terrible.  In
fact, it is a bug.  If the builtin is either trying to change the
state of the current shell, or trying to report a piece of the current
shell's state that is not exported, then you lose big-time, and both
of these are reasonable things to want to do.

csh handles this (in a less complex environment, admittedly, since
in the version of csh I am thinking of you can't do "exec <foo") by
moving 0, 1 and 2 to other descriptors when it starts, and moving them
back when it forks.  This has the huge advantage that builtins with
redirections can be executed without a fork.  (Note: I don't give a
good damn about questions of efficiency here.  I am talking about 
_correctness_.)

I haven't built es 0.7 yet, so can't try stuff, so please accept my
apologies if it can already do this right.

OK,
John.