perl.perl5.porters | Postings from July 2008

Re: Creative and *routine* use of so-called "magic" ARGV (was [perl#2783] Security of ARGV using 2-argument open)

From: Andy Dougherty
Date: July 30, 2008 07:36
Subject: Re: Creative and *routine* use of so-called "magic" ARGV (was [perl#2783] Security of ARGV using 2-argument open)
Message ID: Pine.LNX.4.64.0807300909530.15210@fractal.phys.lafayette.edu

On Tue, 29 Jul 2008, Rafael Garcia-Suarez wrote:

> 2008/7/29 Aristotle Pagaltzis <pagaltzis@gmx.de>:
> > * Abigail <abigail@abigail.be> [2008-07-28 21:30]:
> >>  - Programs that wouldn't use while (<>) pre-5.12 (because they
> >>    might run in an environment where file names may start with
> >>    '|' or '>') will use 3-arg "safe" while (<>), will be,
> >>    silently, a security issue when run with a pre-5.12.
> >>
> >> If you make "while (<<>>)" to be 3-arg open, then at least such
> >> programs will fail to compile when run with a pre-5.12 perl.
> >
> > Exactly. I want to highlight this again: in my opinion, having
> > code that is safe under 5.12 (or 5.10.1 or whenever) not silently
> > become unsafe under 5.10.0 or earlier is an incontrovertible
> > argument for introducing a new safe diamond-like operator as
> > incompatible syntax.
> 
> If I parse you well, that's indeed a compelling argument. Finding a
> balance between security and compatibility isn't very easy.

Yes indeed.  Finding an appropriate balance is always a challenge, but 
maintaining it has always been one of Perl's strengths.  In the past 20 
years, the landscape in which perl programs run has changed considerably.  
It is not at all unreasonable to reconsider that balance.

If we were to change while (<>), then the "unsafe" conversions mentioned 
above would have to be balanced against the "safe" conversions of many 
previously unsafe programs when run under 5.12.  And, of course, any net 
"improvement" would have to be weighed against the cost of breaking 
existing programs.

My initial reaction was that the creative use of magic ARGV was probably 
insufficiently routine that, on balance, it made sense to consider 
changing while(<>).  I think Tom has persuaded me that it might well be 
more routine than I initially imagined, which indeed shifts the balance.

In any case, I do think Tom summed up my feelings well:

On Tue, 29 Jul 2008, Tom Christiansen wrote:

> I still have a vague hunch like a module, or here even a pragma, 
> might be a good idea.  It's vague, and undeveloped.  I'd like
> to give that time to grow.  [ . . . ]

> I'm afraid we may be heading down, if not break-their-programs, at
> least the annoying-warning route, and that now as then there might
> well be a cleaner and less noisily troubling solution.  That's why
> I don't think loudness of complaint should turn into quick action.
> Without a dampening period of contemplation and consideration, the
> feedback loop would whiplash the language too much, and thence its
> users as well.

-- 
    Andy Dougherty		doughera@lafayette.edu
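
The file-name problem the quoted messages refer to, as an added example that is not code from this thread: `while (<>)` opens each element of @ARGV with 2-argument open, so some names are read as modes or commands rather than files. The sketch flags such names and reads files literally with 3-argument open; the sub names and sample arguments are hypothetical and constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Added example, not code from the thread. Sub names are hypothetical.
# Returns why 2-argument open (which <> applies to each @ARGV element)
# would not treat $name as a plain file to read, or undef if it would.
sub magic_reason {
    my ($name) = @_;
    my @why;
    (my $s = $name) =~ s/^\s+|\s+$//g;    # 2-arg open ignores outer whitespace
    push @why, 'outer whitespace is stripped' if $s ne $name;
    if    ($s eq '-')       { push @why, 'means standard input' }
    elsif ($s =~ /^\||\|$/) { push @why, 'runs a command (pipe)' }
    elsif ($s =~ /^\+?>/)   { push @why, 'opens for writing or appending' }
    elsif ($s =~ /^\+?</)   { push @why, 'carries an explicit mode prefix' }
    return @why ? join('; ', @why) : undef;
}

# Count lines in each named file using 3-argument open, where the mode is
# a separate argument and no character in the name is special.
sub count_lines_literal {
    my (@names) = @_;
    my %lines;
    for my $name (@names) {
        open(my $fh, '<', $name)
            or do { warn "cannot open '$name': $!\n"; next };
        my $n = 0;
        while (my $line = <$fh>) { $n++ }
        close $fh;
        $lines{$name} = $n;
    }
    return \%lines;
}

# Constructed sample arguments; none of these files needs to exist.
for my $arg ('notes.txt', '>report.txt', 'list |', ' padded.txt', '-') {
    my $why = magic_reason($arg);
    printf "%-14s %s\n", "'$arg'",
        defined $why ? "MAGIC: $why" : 'plain file name';
}

# Literal read of a file that is known to exist: this script itself.
my $counts = count_lines_literal($0);
print "$_: $counts->{$_} lines\n" for sort keys %$counts;
```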
