From: Neil M. <ne...@cs...> - 2004-03-29 19:49:41
|
CC'ing tcl-core, as I just realised I forgot to the first time round, so this discussion had inadvertantly moved away from the list. On 29 Mar 2004, at 20:27, Peter da Silva wrote: >> Well, only files which exactly match "-async" (or a prefix of). Given >> the current spec: >> >> open "-async" >> >> would error, as [open] would think no filename had been given. >> >> open "-async" w >> >> (for instance), would try to open a file named "w" for reading >> asynchronously. This is why I added the "--" end of options specifier, >> but you are right that existing applications would need to be >> modified, >> which perhaps isn't the best solution. > > Yah. Like I said, I'm worried about the security implications. If you > can > sneak a filename "-async" into an existing script then you could cause > a previously impossible failure or success in a program that's > security- > critical. It's a small hole, but a lot of security problems in websites > have used small holes. > >> This could be done. I modelled the option on how [socket] does things, >> but I'm not particularly attached to that way of doing things. > > It would keep existing programs from failing, because you can't > currently > have "-async" at that end of the arguments. Another option would be to > add > an "a" flag, maybe? > > open filename "ra" That would also be acceptable. My current thinking is to implement this via the "mode" parameter at the C level, so this would actually fit quite well. Neil. |