Email List: Xaustin-group-lX
[All Lists]
<prev [Date] next>
Search for messages containing

in message Subject: To: From: (none)
<prev [Thread] next>

Re: Defect in XBD Pathname

To: austin-group-l@xxxxxxxxxxxxx
Subject: Re: Defect in XBD Pathname
From: Geoff Clare <gwc@xxxxxxxxxxxxx>
Date: Mon, 8 Jun 2009 09:42:49 +0100
References: <200906080656.HAA27168@xxxxxx> 
drepper@xxxxxx <drepper@xxxxxx> wrote, on 08 Jun 2009:
> 
> @ page 75 line 2147 section Pathname objection {ud-filename-colon}
> 
> Problem:
> 
> Edition of Specification (Year): 2008
> 
> Defect code :  2. Omission
> 
> The location of the bug is actually one place that is effected.  And I'm not 
>sure where the final solution will apply.
> 
> The problem is the definition of PATH and similar environment variables and 
>similar concepts.
> 
> The definition of PATH says:
> 
> This variable shall represent the sequence of path prefixes that certain 
>functions and utilities apply in searching for an executable
> file known only by a filename. The prefixes shall be separated by a
> <colon> (':').
> 
> 
> The definition of path prefix refers to pathname which in turn refers
> to filename for the actual content of the string and the filename
> definition says:
> 
>                                                                       The 
>characters composing the name may be selected from the set of
> all character values excluding the <slash> character and the null
> byte.
> 
> 
> I.e., the path components are not disallowed to contain colons.  This
> makes it impossible to handle the pathname components correctly.  The
> shell, execvp(), etc only see a string and cannot differentiate
> between colons in pathname components and those between the paths
> components.
> 
> 
> We have to restrict filenames used in paths.  I think restricting
> pathname to pathname components and then define pathname components
> appropriately.
> 
> 
> This problem spreads far beyond POSIX's use of path.
> 
> Action:
> 
> Change page 76, line 2053 to:
> 
>   A filename not containing a colon (':').
> 
> 
> Change page 75, line 2147 from:
> 
>   [..] followed by zero or more filenames separated [...]
> 
> to
> 
>   [..] followed by zero or more pathname components separated [...]

This is the wrong way to go about fixing this.  You are trying to
fix a high-level problem by breaking low-level things.  At the low
level of things like open() there is no problem with pathnames
containing colons.  The problems are at a higher level and should
be fixed at that level.

In the specific case of PATH, a suitable fix would be to change

    "The prefixes shall be separated by a <colon> (':')."

to

    "The prefixes shall be separated by a <colon> (':'), and
    consequently in order for the value of PATH to be interpreted
    correctly the prefixes can not contain any <colon> characters."

-- 
Geoff Clare <g.clare@xxxxxx>
The Open Group, Thames Tower, Station Road, Reading, RG1 1LX, England
[Search for more with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Event [Reminder: Austin Group teleconference] updated, Andrew Josey
Next by Date:  Re: Defect in XBD Pathname, Geoff Clare
Previous by Thread:  Minutes of the June 4 2009 teleconference, Andrew Josey
Next by Thread:  Re: Defect in XBD Pathname, Geoff Clare
Indexes:  [Date] [Thread] [All Lists]