Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proposal: Add open_process_args, for proc+args instead of a shell #7794

Closed
vicuna opened this Issue May 10, 2018 · 5 comments

Comments

Projects
None yet
1 participant
@vicuna
Copy link
Collaborator

vicuna commented May 10, 2018

Original bug ID: 7794
Reporter: vog
Status: resolved (set by @xavierleroy on 2018-05-24T09:11:14Z)
Resolution: fixed
Priority: normal
Severity: feature
Version: 4.06.1
Fixed in version: 4.08.0+dev/beta1/beta2
Category: standard library
Related to: #7672
Monitored by: @nojb @gasche

Bug description

I propose to add variants of the open_process functions which take "proc" and "args" instead of a shell command.

Rationale:

The standard library should encourage safe interfaces by making them more convenient than unsafe interfaces.

In particular, the safe process execution via "proc:string + args:string list" should be encouraged over shell command execution.

However, the nice, high-level open_process function is only available for shell commands. For safe execution (proc+args) there is only create_process which is relatively low-level.

Additional information

See also: ocaml-batteries-team/batteries-included#858

@vicuna

This comment has been minimized.

Copy link
Collaborator Author

vicuna commented May 13, 2018

Comment author: @nojb

Related PR: #1492

@vicuna

This comment has been minimized.

Copy link
Collaborator Author

vicuna commented May 14, 2018

Comment author: vog

Thanks for pointing to the related PR about "Filename.quote_command".

I'd just like to mention that I don't see Filename.quote_command as part of the solution, but more as part of the problem.

The respective low-level calls (execve, execvep, etc.) take prg+argv directly, and so should the implementation of "open_process_args".

It makes no sense to involve the shell at all. Calling the shell and escaping the arguments would just introduce a new possible point of (security) failure without any benefit: It would merely instruct the shell to perform what we should have performed on OCaml side in the first place.

@vicuna

This comment has been minimized.

Copy link
Collaborator Author

vicuna commented May 21, 2018

Comment author: @xavierleroy

I agree, the proposed functions make sense and would be simpler than a working Filename.quote_command, with which I'm still struggling.

@vicuna

This comment has been minimized.

Copy link
Collaborator Author

vicuna commented May 21, 2018

Comment author: @nojb

#1792

@vicuna

This comment has been minimized.

Copy link
Collaborator Author

vicuna commented May 24, 2018

Comment author: @xavierleroy

Merged in trunk, will be in 4.08.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.