Preserve (instead of collapse) arguments in su_monkeysphere_user(). - monkeysphere - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Jonas Smedegaard <dr@jones.dk>	2013-03-09 17:21:43 +0100
committer	Jonas Smedegaard <dr@jones.dk>	2013-03-13 11:39:37 +0100
commit	1110201eddb377e0b900f6f9f8de93fcddfde1a3 (patch)
tree	5a0950b254ad43e54809268e15c0922be07243e3 /utils
parent	ddb31eda39e80b9dbf338e3b3b848ad4fcb549bc (diff)

Preserve (instead of collapse) arguments in su_monkeysphere_user().

It is a healthy coding practice to keep each argument separate when executing system calls, i.e. quote each variable separately instead of relying on whitespace to indicate argument separation. Quoting shell-inside-shell is tricky to do right, but not impossible: Bourne-derived shells treat single-quoting literally, which means that shell command arguments (i.e. an array of strings) should be safe to serialize (dual-quote) using these simple rules: b) each single-quote inside each string is escaped as '\'' a) each string is surrounded by single-quotes This patch applies above single-quote serialization for su_monkeysphere_user(). This appears to break for commands that start with variable assignment, like: PAGER=cat git diff So as long as we do not use that form, su_monkeysphere_user() should not treat its variables any worse than previous non-quoting.

Diffstat (limited to 'utils')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: