New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hardcoded 'eval $command' is problematic and against "final power to the user" #3135
Comments
This would be a big compatibility break, so it should belong to ReaR 3.0, not 2.8. I am not even convinced that this change would be an improvement. Yes, in #3089 (comment) I noted that Your argument about "with the hardcoded eval the user can not specify
without the single quotes it would not have worked either, so to assign it to
which then works as expected:
unwieldy? yes. Against "final power to the user"? I would not say so. The bash quoting rules are well documented and it is quite easy to understand what one needs to put into $command: it must get assigned the same string as one would type at the command line. The complexity arises from the amount of quoting that is sometimes needed to achieve the result. The
which looks a bit better. Your suggestion to call the command as merely
result:
where are my spaces? Maybe you would expect the extra space before
where are my triple spaces and what is the
What happens is that the shell performs whitespace splitting on the value of I must say that when you let the shell to split the command string into words and then execute the sequence of words, it is so difficult for me how to make it do what I need that I much prefer Worse, how do you execute multiple commands?
not only are the extra spaces eaten - the
-- almost right, but I still don't know how to get the extra spaces there, some word splitting is still going on:
not quite right either, neither is
:
I admit I am lost here. |
The underlying problem is that with |
@pcahyna In particular your reasoning
convinced me that the current |
In default.conf we describe several cases
where the user can specify commands to be run by ReaR
and we run those user specified commands usually via
to make it easier for the user to specify e.g.
and get
$...
evaluated not when it is specifiedbut when it is executed.
But in general
eval arbitrary $...
is problematic, cf.#3089 (comment)
and the subsequent comments therein.
And with the hardcoded
eval
the user can not specifywhen he does not want to get
$...
evaluated likebecause
By the way: Note the mising double quote characters with
eval ...
So our hardcoded 'eval $command' is problematic
and it is against final power to the user.
Therefore I am thinking about to remove our hardcoded 'eval'
and explain in default.conf that the user must manually
specify 'eval' when he needs it.
So instead of
the user would have to specify
and ReaR could simply and safely call plain
$command
for example like
The text was updated successfully, but these errors were encountered: