On Mon, Aug 04, 2003 at 02:07:26AM +0100, Colin Watson wrote:

> On Sun, Aug 03, 2003 at 07:48:43PM -0400, Matt Zimmerman wrote:
> > It might be a good idea to specify how quoting should be handled, both for
> > shell metacharacters and format specifiers.
> 
> Odd, I thought I'd mentioned
> http://www.dwheeler.com/browse/secure_browser.html in this bug, but
> evidently not. man implements the "Compatible Secure BROWSER Definition"
> from that page. It's about 50 lines of C, not counting an escape_shell()
> utility function.

Ah, that one looks much more reasonable than the original.  I still don't
like the escape-bad-characters approach used, though, rather than including
only known-safe characters.  It's also very complex.  The simplest approach
that I have seen is to have the caller only escape single quotes ("'") and
the user ensure that the %s token is always enclosed in single quotes in the
command line.

> We could also go for the Alternative definition on the same page, which
> acknowledges that you probably need a helper script anyway to do the
> complicated Netscape/Mozilla stuff and ditches the % characters
> entirely. I don't have any strong feelings about which to use.

The alternative definition is much simpler to implement, and has fewer
hazards.  I see no major problems with it as yet.

-- 
 - mdz
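
The single-quote approach described in the reply above, as an added example (not code from this message or from man): the caller escapes only `'` in the URL and refuses any template whose `%s` is not inside single quotes. The names `append` and `expand_browser` are hypothetical, and refusing templates that use double quotes is a simplifying assumption.

```c
#include <stdlib.h>
#include <string.h>

/* Append n bytes of src to the growing NUL-terminated buffer *buf. */
static int append(char **buf, size_t *len, const char *src, size_t n)
{
    char *p = realloc(*buf, *len + n + 1);
    if (!p) return -1;
    memcpy(p + *len, src, n);
    *len += n;
    p[*len] = '\0';
    *buf = p;
    return 0;
}

/* Hypothetical helper: expand each %s in tmpl with url. Returns a malloc'd
 * command line, or NULL if a %s is not inside single quotes, a quote is left
 * open, or memory runs out. Assumption: templates using double quotes are
 * refused, so single-quote state is the only shell state to track. */
char *expand_browser(const char *tmpl, const char *url)
{
    char *out = NULL;
    size_t len = 0;
    int in_sq = 0, rc = append(&out, &len, "", 0);

    for (const char *p = tmpl; rc == 0 && *p; p++) {
        if (*p == '\'') {
            in_sq = !in_sq;                     /* opening or closing quote */
            rc = append(&out, &len, p, 1);
        } else if (!in_sq && *p == '"') {
            rc = -1;                            /* refuse double quotes */
        } else if (!in_sq && *p == '\\' && p[1]) {
            rc = append(&out, &len, p, 2);      /* \x outside quotes: copy pair */
            p++;
        } else if (*p == '%' && p[1] == 's') {
            rc = in_sq ? 0 : -1;                /* unquoted %s: refuse */
            for (const char *u = url; *u && rc == 0; u++)
                rc = (*u == '\'') ? append(&out, &len, "'\\''", 4)
                                  : append(&out, &len, u, 1);
            p++;
        } else {
            rc = append(&out, &len, p, 1);
        }
    }
    if (rc < 0 || in_sq) { free(out); return NULL; }
    return out;
}
```

Tracking quote state rather than checking for adjacent quote characters matters: in a template such as `lynx 'a'%s'b'` the `%s` touches a quote on both sides yet sits outside any quoted region.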
