Re: [FYI] Re: Vulnerability in libtool 1.5

libtool-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FYI] Re: Vulnerability in libtool 1.5

From:	Scott James Remnant
Subject:	Re: [FYI] Re: Vulnerability in libtool 1.5
Date:	Mon, 05 Jan 2004 14:54:36 +0000

On Mon, 2004-01-05 at 14:45, Gary V. Vaughan wrote:

> Scott James Remnant wrote:
> | On Sun, 2004-01-04 at 20:06, Gary V.Vaughan wrote:
> |
> |>I have no problem with starting to use shell functions to libtool now,
> |>and infact I think that it is the best way to bring some sanity to the
> |>code spaghetti we are trying to maintain.  For now, I don't think it is
> |>safe to rely on any more advanced shell function features than
> |>enumerated parameter passing.
> |>
> |
> | Here's what Blinn has to say:
> |
> | /bin/sh on older shells, including (at least) ULTRIX don't support them,
> | do we drop support for those platforms?
> |
> | Some shells also would overwrite libtool's own $1...$# once the first
> | function is called, so we should be sure to capture all shell script
> | arguments before calling any function lest they be lost.
> |
> | On ULTRIX and HP-UX there's a /bin/sh5 which supports functions and
> | positional parameter stacking.
> 
> Autoconf is starting the process of adding code to configure to search for a
> CONFIG_SHELL that has function support.  Libtool already has a function (only
> called on cygwin, but still parsed elsewhere) that has been around for some
> time without causing complaint.
> 
> At worst, for those few platforms with a default shell that doesn't support
> functions, and until autoconf adds re-execing with a shell that does, the user
> might need to 'export CONFIG_SHELL=/bin/sh5'.  There was a thread on the
> autoconf list recently that concluded there were no longer any platforms
> (which would need a modern autoconf) that had no shell supporting shell 
> functions.
> 
I don't see the problem with requiring CONFIG_SHELL=/a/better/shell on
some legacy platforms provided we document it somewhere convenient.  If
we do that, we can go with shell functions generally I think.

Scott
-- 
Have you ever, ever felt like this?
Had strange things happen?  Are you going round the twist?

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

[FYI] Re: Vulnerability in libtool 1.5, Scott James Remnant, 2004/01/03
- Re: [FYI] Re: Vulnerability in libtool 1.5, Gary V . Vaughan, 2004/01/04
  - Re: [FYI] Re: Vulnerability in libtool 1.5, Scott James Remnant, 2004/01/05
    - Re: [FYI] Re: Vulnerability in libtool 1.5, Gary V. Vaughan, 2004/01/05
    - Re: [FYI] Re: Vulnerability in libtool 1.5, Scott James Remnant <=

Prev by Date: Re: [FYI] Re: Vulnerability in libtool 1.5
Next by Date: 61-gary-refactor-shell-variable-promulgation.patch
Previous by thread: Re: [FYI] Re: Vulnerability in libtool 1.5
Next by thread: Re: ZZQUTM, take all these
Index(es):
- Date
- Thread