Front page | perl.perl5.porters |
Postings from July 2008
* Rafael Garcia-Suarez <rgarciasuarez@gmail.com> [2008-07-29 22:45]: > 2008/7/29 Aristotle Pagaltzis <pagaltzis@gmx.de>: >> * Abigail <abigail@abigail.be> [2008-07-28 21:30]: >>> - Programs that wouldn't use while (<>) pre-5.12 (because >>> they might run in an environment where file names may >>> start with '|' or '>') will use 3-arg "safe" while (<>), >>> will be, silently, a security issue when run with a >>> pre-5.12. >>> >>> If you make "while (<<>>)" to be 3-arg open, then at least >>> such programs will fail to compile when run with a pre-5.12 >>> perl. >> >> Exactly. I want to highlight this again: in my opinion, having >> code that is safe under 5.12 (or 5.10.1 or whenever) not >> silently become unsafe under 5.10.0 or earlier is an >> incontrovertible argument for introducing a new safe >> diamond-like operator as incompatible syntax. > > If I parse you well, that's indeed a compelling argument. I think you are. The argument in full length is: if someone writes `while (<>)` under 5.12, and this uses 3-arg open in 5.12, then takes that code and runs it under 5.8, it will silently change behaviour. Whereas if `while (<>)` stays the same, and someone instead writes `while (<<>>)` in 5.12, then takes that code and runs it under 5.8, the program won’t run at all. As well it shouldn’t. And we know the legions of ancient perls that are still deployed, and that few people arm all their scripts with `require 5.whatev`, so this is quite a likely scenario. For that reason, changing the semantics of `while (<>)` is a bad idea. >> We can discourage the unconsidered use of magic ARGV with a >> warning. This would be the exact same strategy that C >> compilers followed WRT `gets`, which it seems to me worked >> well for C. It also seems to me that the people who are >> certain enough that they want this feature are also people who >> won't shy away from muting a warning. > > Recapitulating what was proposed by you, we are getting to : > * not changing <> Apart from the warning, obviously, per the paragraph you quoted right above your recapulation. > * introducing new, safer <<>> (or «» if I may joke about the > utf8-cleanliness of the tokeniser) > * a feature or a pragma then becomes not useful > * a way to extend ARGV's magic would be nice, but needs not to > be in the core Yes. I want to note that I’m not enamoured with the choice of `<<>>` as the operator’s glyph, but I have no better proposal and I’m not overly invested in that bikeshed. If anyone feels they have a better idea, pipe up (most specifically, I wish Larry would); either way though, so long as it breaks loudly in existing perls, it’s good enough. Anyway, I *think* this approach satisfies everyone’s concerns. Regards, -- Aristotle Pagaltzis // <http://plasmasturm.org/>Thread Previous | Thread Next