oss-sec mailing list archives
Re: wordexp(3)
From: Florian Weimer <fweimer () redhat com>
Date: Wed, 11 Feb 2015 13:36:44 +0100
On 02/11/2015 01:17 PM, Stuart Henderson wrote:
On 2015/02/10 20:27, Solar Designer wrote:(x5) <@worr> OpenBSD wins the wordexp(3) contest, by refusing to implement it altogether.It might be of interest to know that we've only got patches in 2 ports as a result of this: celestia and filezilla (we're using globs instead of wordexp for these; I'm not aware of any negative feedback relating to these patches).
There is software out there which automatically uses a shell-based implementation if the system does not provide wordexp. With this in mind, it makes sense to provide the interface even if you dislike it (same thing with strlcpy). -- Florian Weimer / Red Hat Product Security
Current thread:
- wordexp(3) Solar Designer (Feb 10)
- Re: wordexp(3) Rich Felker (Feb 10)
- Re: wordexp(3) Rich Felker (Feb 10)
- Re: wordexp(3) John Haxby (Feb 11)
- Re: wordexp(3) Stuart Henderson (Feb 11)
- Re: wordexp(3) Florian Weimer (Feb 11)
- Re: wordexp(3) Tim (Feb 11)
- Re: wordexp(3) Daniel Micay (Feb 11)
- Re: wordexp(3) Florian Weimer (Feb 11)
- Re: wordexp(3) Rich Felker (Feb 10)