Exporting shell functions into shell files
Stanley Friesen
friesen at psivax.UUCP
Wed Nov 27 04:23:28 AEST 1985
>In article <4588 at alice.UUCP>, rob at alice.UucP (Rob Pike) writes:
>>I will use two examples to explain why you want to export shell functions:
>
>>hide takes a list of names and makes empty functions from them: functions
>>that just echo that they were called, but that do nothing.
>> This is useful
>>for debugging shell scripts and makefiles:
>> % hide rm
>> % rm foo
>> hidden rm foo
>> %
>>rm didn't really run, but you can see it would have. So if "futz" is a shell
>>program you're working on that (once working) removes things, you can
>>debug futz without fear of losing precious files. It's more useful that
>>these be functions than files because there is nothing to clean up later:
>>the functions go away when the shell you're working in disappears - when you
>>log off or delete the window.
The problem with this is that it creates a serious security
hole. A user may inadvertantly or maliciously redefine a command used
by a system shell script changing its behavior radically. A system
command that suddenly stops using due to some independent action or
which can be made to do whatever the user wants by tricking it into
executing the user's program is very dangerous.
Thus this sort of facility *must* have an escape mechanism.
There shold be a simple, direct way of *deleting* *all* defined shell
functions in a secure shell script. You know something like 'undefine all'.
Without this the mechanism is too dangerous.
--
Sarima (Stanley Friesen)
UUCP: {ttidca|ihnp4|sdcrdcf|quad1|nrcvax|bellcore|logico}!psivax!friesen
ARPA: ttidca!psivax!friesen at rand-unix.arpa
More information about the Comp.unix
mailing list