Front page | perl.perl5.porters |
Postings from July 2008
Senatorial (Senescent?) reflective pause (was: Creative and *routine* use of so-called "magic" ARGV (was [perl #2783] Security of ARGV using 2-argument open))
From: Tom Christiansen
Date: July 29, 2008 20:04
Subject: Senatorial (Senescent?) reflective pause (was: Creative and *routine* use of so-called "magic" ARGV (was [perl #2783] Security of ARGV using 2-argument open))
Message ID: 7024.1217387076@chthon
In-Reply-To: Message from Aristotle Pagaltzis <pagaltzis@gmx.de>
of "Wed, 30 Jul 2008 01:30:30 +0200." <20080729233030.GL9326@klangraum.plasmasturm.org>
> I want to note that I'm not enamoured with the choice of <<>>
> as the operator's glyph,
Indeed; nor am I.
> but I have no better proposal and I'm not overly invested in that
> bikeshed. If anyone feels they have a better idea, pipe up (most
> specifically, I wish Larry would);
I wouldn't hold my breath; but you never know.
I do note how Larry seems never to have thought a warning merited
for sub-3-arg opens of any variety.
I opine that it's always been the position that hostile-environment
operations should be dealt with as exceptional ones not standard ones.
That means that they're for running with -T and/or Safe.
I don't mean real security problems are ever treated lightly.
I just find it hard to see that this is any more than another of many
other things that just fall out of the Unix environment, like fifos
and such.
> either way though, so long as it breaks loudly in existing perls,
> it's good enough.
> Anyway, I *think* this approach satisfies everyone's concerns.
I'd like to think about it a bit more.
I still have a vague hunch like a module, or here even a pragma,
might be a good idea. It's vague, and undeveloped. I'd like
to give that time to grow.
In any event, I don't think that the alarmicists' loudness should cause
anyone to make quick, undeliberated actions. I am especially reminded of
that annoying period in our history when we were all forced to write
    while (defined ($data = <FH>)) { ... }
    while (defined ($data = readline(*FH))) { ... }
    while (defined ($filename = readdir(DH))) { ... }
    if (!defined ($linkee = readlink($filename))) { ... }
To quiet the very, very annoying warnings that came from the risk of
getting back "0", which is false but defined, and couldn't be replaced
by the (notorious?) "0 but true". (See footnote)
It didn't really become too noticeable until Windows, which thought that
textfiles were CRLF-separated, not newline-terminated, sequences of lines.
Using chomp over chop fixed them, but not this.
So for a while, *EVERYBODY* had to change their programs. That alone
should have been enough to show something wasn't right. You can't demand
all users be smarter, because it will never happen. But you can make the
compiler smarter. Finally, the compiler got smart enough to insert an
implicit defined() when it recognized
    while ($var = readXXX()) { ...}
for XXX = {line,dir,link}, which was the *much* better solution, by far.
There are plenty of similarities here to that situation.
I'm afraid we may be heading down, if not break-their-programs, at
least the annoying-warning route, and that now as then there might
well be a cleaner and less noisily troubling solution. That's why
I don't think loudness of complaint should turn into quick action.
Without a dampening period of contemplation and consideration, the
feedback loop would whiplash the language too much, and thence its
users as well.
---tom
FN: "0 but true" is exempt from numeric warnings, just like the very
special form of "" returned by relationals, which is PL_sv_no.
Sure, undef is exempt from them for ++ and += and .=, but the
special "" (PL_sv_no) is exempt in all situations, just as "0
but true" is.
    % perl -WE 'say "001"+"000"'
    1
    % perl -WE 'say 1+"3 blind mice"'
    Argument "3 blind mice" isn't numeric in addition (+) at -e line 1.
    4
    % perl -WE 'say 1+"0 but true"'
    1
    % perl -WE 'say 1+""'
    Argument "" isn't numeric in addition (+) at -e line 1.
    1
    % perl -WE 'say 1+(2==3)'
    1

Although:

    % perl -Mbignum -WE 'say "000"+"001"'
    1
    % perl -Mbignum -WE 'say 1+(2==3)'
    NaN
    % perl -Mbignum -WE 'say 1+""'
    NaN
    % perl -Mbignum -WE 'say 1+"3 blind mice"'
    NaN

And:

    % perl -WE 'say "Inf" + 0'
    0
    % perl -WE 'say "Inf" + 1'
    1
    % perl -WE 'say "Inf" + "-Inf"'
    0
    % perl -WE 'say "Inf" * "Inf"'
    0

vs

    % perl -Mbignum -WE 'say "Inf" + 0'
    NaN
    % perl -Mbignum -WE 'say "Inf" + 1'
    NaN
    % perl -Mbignum -WE 'say "Inf" + "-Inf"'
    0
    % perl -Mbignum -WE 'say "Inf" * "Inf"'
    0