\"special\" shells a security hole?
robert at gitpyr.UUCP
robert at gitpyr.UUCP
Fri Feb 13 02:22:37 AEST 1987
>gwyn at brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>) (gwyn at brl.arpa, <5615 at brl-smoke.ARPA>):
> In article <3063 at gitpyr.gatech.EDU> robert at gitpyr.UUCP (Robert Viduya) writes:
> >Just include "SHELL=/bin/sh" near the beginning of the makefile.
>
> The problem is, you HAVE to do this or you run the risk of having
> the Makefile break. "Make" has no business providing variable
> semantics for Makefiles dependent on the user's environment. I
> suppose the original reason for this in Augmented Make was to
> permit redefining CC for cross-compilation, etc. without having
> to edit zillions of Makefiles. Too bad SHELL is honored too.
I disagree completely. Adding "SHELL=/bin/sh" is an extremely trivial
sacrifice to do compared to the flexibility it gives. The Bourne shell
is not, nor should ever be considered as, the be-all-and-end-all of all
shells. If I want to use Korn shell constructs in my Makefile, then
there ought to be a general, clean way of doing it, such as
"SHELL=/bin/ksh". Putting "/bin/ksh -c <cmd>" on every command line in
the Makefile is an ugly kludge. If Joe User down the hall only knows
how to write csh shell scripts and wants to do something more than just
sequential command execution in a Makefile (such as loops), he doesn't
have to learn how to use the Bourne shell to do so.
robert
--
Robert Viduya robert at pyr.ocs.gatech.edu
Office of Computing Services (404) 894-4660
Georgia Institute of Technology
Atlanta, Georgia 30332
More information about the Comp.unix.wizards
mailing list