Re: [bug] coreutils: potentially dangerous: $(realpath //) != /
- Date: Sat, 17 Mar 2018 00:15:58 -0600
- From: Brian Inglis <Brian.Inglis@xxxxxxxxxxxxxxxxxx>
- Subject: Re: [bug] coreutils: potentially dangerous: $(realpath //) != /
On 2018-03-15 01:11, Thomas Wolff wrote:
> Am 14.03.2018 um 11:58 schrieb Mikhail Usenko via cygwin:
>> On Mon, 12 Mar 2018 20:43:13 -0500
>> Eric Blake <...> wrote:
>>> Just because Linux has taken the stance that their documented definition
>>> of // is "synonym for /" does NOT mean that ALL POSIX systems have taken
>>> the same approach; Cygwin has taken the approach that "// is documented
>>> to be the root of network access points, distinct from /".
>>> POSIX allows leeway between implementations; this is one of those
>>> documented places where they differ, yet are still both POSIX compliant
>>> with their different choices. If your script is not robust to what
>>> POSIX has already warned you about, fix your script.
>> If you really claims that Cygwin may and should be different and distinct
>> from all other existing POSIX systems (the more so that it is allowed by
> which is not the case. There are other systems where // is the network root.
>> then it would probably be more obvious and clear to say this at the very
>> beginning, e.g. "Get that Linux feeling (with all those differences and
>> distinctions) - on Windows"
> Considering that due to the limitations of being embedded in Windows, Cygwin
> cannot always perfectly mimic either Linux or POSIX systems, I personally prefer
> the more generic approach to define POSIX as its model.
It's comforting to know that if a script arg is supplied as / and used as the
target of rmdir $v/ or rm -rf $v/..., it won't do anything.
(Although any such args should always be canonicalized, then checked to ensure
they are not, whether deliberately or inadvertently, null, $PWD or any prefix,
/, or other significant standard paths.)
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple