| CARVIEW |
Select Language
HTTP/2 200
cache-control: max-age=43200
server: Combust/Plack (Perl)
vary: Accept-Encoding
content-encoding: gzip
content-length: 1884
content-type: text/html; charset=utf-8
last-modified: Sun, 12 Oct 2025 05:36:08 GMT
traceparent: 7e19954f2f0b68a5732965fffa0c6f4f
strict-transport-security: max-age=15768000
Re: [perl #2783] Security of ARGV using 2-argument open - historicity - nntp.perl.org
Front page | perl.perl5.porters |
Postings from July 2008
nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About
Front page | perl.perl5.porters |
Postings from July 2008
Re: [perl #2783] Security of ARGV using 2-argument open - historicity
From:
Tom ChristiansenDate:
July 27, 2008 17:17Subject:
Re: [perl #2783] Security of ARGV using 2-argument open - historicityMessage ID:
2774.1217204247@chthon
In-Reply-To: Message from Mark Mielke <mark@mark.mielke.cc>
of "Sat, 26 Jul 2008 16:29:40 EDT." <488B8934.3050204@mark.mielke.cc>
> Users who don't read the document will always be surprised. In
> standard Unix, passing a "-" in has traditionally meant STDIN.
For input; for output, it's meant stdout, the standard output.
Compare
% tar cf - | gzip > foo.tar.gz
% gunzip < foo.tar.gz | tar xf -
As for piping to/fro "-", that's a Perl innovation, but it still means
"to/fro the *standard* thing" (of which [per Descartes] the only such
standard upon whose existence we can be certain is the very querent
it/him/our/themself; hence, the fork, being ourselves of the only entity
guaranteed to exist).
> One could argue that an experienced user might be "surprised" that "-"
> was NOT interpreted as STDIN. This argument is entirely relative to
> the person's expectations.
> In this case, the expectations should be well instilled. Perl has done
> what it has done for over a decade,
While what you said is not false, it doesn't convey the historicity.
You could have said over a month and been equally correct.
Perl has *always* done this. Witness:
% perl1 -e 'while(<>) {print "$ARGV $. $_";}' /etc/motd - /etc/motd < /etc/motd
/etc/motd 1 This particularly rapid unintelligible patter
/etc/motd 2 isn't generally heard and if iTIS it doesn't matter.
- 3 This particularly rapid unintelligible patter
- 4 isn't generally heard and if iTIS it doesn't matter.
/etc/motd 5 This particularly rapid unintelligible patter
/etc/motd 6 isn't generally heard and if iTIS it doesn't matter.
% perl1 -v
$Header: perly.c,v 1.0 87/12/18 15:53:31 root Exp $
Patch level: 0
> and if somebody is truly surprised today - they should pick up the
> manual and give it another read.
Even in our post-literate uncivilization? :-(
--tom
- Re: [perl #2783] Security of ARGV using 2-argument open - historicity by Tom Christiansen
nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About