From 3a4b19e44cf4e74b7a6a58fed36ba3ca9cafc864 Mon Sep 17 00:00:00 2001 From: Gurusamy Sarathy Date: Sun, 27 Feb 2000 16:52:54 +0000 Subject: [PATCH] remove outdated info about csh and glob(); glob() need not fail when tainting anymore if using internal globbing p4raw-id: //depot/perl@5286 --- pod/perldelta.pod | 2 +- pod/perlfaq5.pod | 9 +++++---- pod/perlfunc.pod | 3 +++ pod/perlop.pod | 15 +++------------ pod/perlsec.pod | 4 ++-- pod/perltodo.pod | 57 +++---------------------------------------------------- pp_sys.c | 4 ++++ 7 files changed, 21 insertions(+), 73 deletions(-) diff --git a/pod/perldelta.pod b/pod/perldelta.pod index 9f24e12..97db6cc 100644 --- a/pod/perldelta.pod +++ b/pod/perldelta.pod @@ -1280,7 +1280,7 @@ detected at the end of the line containing the __END__ or __DATA__ token; if not, the DATA filehandle will be left open in binary mode. Earlier versions always opened the DATA filehandle in text mode. -The glob() operator is implemented via the L extension, +The glob() operator is implemented via the C extension, which supports glob syntax of the C shell. This increases the flexibility of the glob() operator, but there may be compatibility issues for programs that relied on the older globbing syntax. If you want to diff --git a/pod/perlfaq5.pod b/pod/perlfaq5.pod index 3869ff3..2209180 100644 --- a/pod/perlfaq5.pod +++ b/pod/perlfaq5.pod @@ -559,14 +559,15 @@ See also the new L if you have it (new for 5.6). =head2 Why do I sometimes get an "Argument list too long" when I use E*E? The CE> operator performs a globbing operation (see above). -By default glob() forks csh(1) to do the actual glob expansion, but +In Perl versions earlier than v5.6.0, the internal glob() operator forks +csh(1) to do the actual glob expansion, but csh can't handle more than 127 items and so gives the error message C. People who installed tcsh as csh won't have this problem, but their users may be surprised by it. -To get around this, either do the glob yourself with readdir() and -patterns, or use a module like Glob::KGlob, one that doesn't use the -shell to do globbing. This is expected to be fixed soon. +To get around this, either upgrade to Perl v5.6.0 or later, do the glob +yourself with readdir() and patterns, or use a module like Glob::KGlob, +one that doesn't use the shell to do globbing. =head2 Is there a leak/bug in glob()? diff --git a/pod/perlfunc.pod b/pod/perlfunc.pod index 525d26e..de7abdc 100644 --- a/pod/perlfunc.pod +++ b/pod/perlfunc.pod @@ -1937,6 +1937,9 @@ implementing the C*.cE> operator, but you can use it directly. If EXPR is omitted, C<$_> is used. The C*.cE> operator is discussed in more detail in L. +Beginning with v5.6.0, this operator is implemented using the standard +C extension. See L for details. + =item gmtime EXPR Converts a time as returned by the time function to a 9-element list diff --git a/pod/perlop.pod b/pod/perlop.pod index c5d7f3f..dfbdd19 100644 --- a/pod/perlop.pod +++ b/pod/perlop.pod @@ -1696,7 +1696,7 @@ way to have done it in the first place.) For example: chmod 0644, $_; } -is equivalent to +is roughly equivalent to: open(FOO, "echo *.c | tr -s ' \t\r\f' '\\012\\012\\012\\012'|"); while () { @@ -1704,20 +1704,11 @@ is equivalent to chmod 0644, $_; } -In fact, it's currently implemented that way, but this is expected -to be made completely internal in the near future. (Which means -it will not work on filenames with spaces in them unless you have -csh(1) on your machine.) Of course, the shortest way to do the -above is: +except that the globbing is actually done internally using the standard +C extension. Of course, the shortest way to do the above is: chmod 0644, <*.c>; -Because globbing currently invokes a shell, it's often faster to -call readdir() yourself and do your own grep() on the filenames. -Furthermore, due to its current implementation of using a shell, -the glob() routine may get "Arg list too long" errors (unless you've -installed tcsh(1L) as F or hacked your F). - A (file)glob evaluates its (embedded) argument only when it is starting a new list. All values must be read before it will start over. In list context, this isn't important because you automatically diff --git a/pod/perlsec.pod b/pod/perlsec.pod index 212879a..4037487 100644 --- a/pod/perlsec.pod +++ b/pod/perlsec.pod @@ -84,8 +84,8 @@ For example: exec "echo", $arg; # Secure (doesn't use the shell) exec "sh", '-c', $arg; # Considered secure, alas! - @files = <*.c>; # Always insecure (uses csh) - @files = glob('*.c'); # Always insecure (uses csh) + @files = <*.c>; # insecure (uses readdir() or similar) + @files = glob('*.c'); # insecure (uses readdir() or similar) If you try to do something insecure, you will get a fatal error saying something like "Insecure dependency" or "Insecure $ENV{PATH}". Note that you diff --git a/pod/perltodo.pod b/pod/perltodo.pod index 63997be..a6ca1f1 100644 --- a/pod/perltodo.pod +++ b/pod/perltodo.pod @@ -147,14 +147,6 @@ lexically-scoped subs, e.g. my sub =back -=head2 Built-in globbing - -Currently the C*.cE> syntax calls the c shell. This causes -problems on sites without csh, systems where fork() is expensive, and -setuid environments. Decide between Glob::BSD and File::KGlob, move -it into the core, and make Perl use it for globbing. Ben Holzman and -Tye McQueen have claimed the pumpkin for this. - =head1 Perl Internals =head2 magic_setisa @@ -593,20 +585,12 @@ pointed out that perllib_mangle() is good for this. =head1 Win32 Stuff -=head2 Get PERL_OBJECT building under gcc - -B, according to Sarathy. It builds under egcs on win32, -but doesn't run for occult reasons. If anyone knows the right -breed of chicken to sacrifice, please speak up. - =head2 Rename new headers to be consistent with the rest =head2 Sort out the spawnvp() mess =head2 Work out DLL versioning -=head2 Get PERL_OBJECT building on non-win32 - =head2 Style-check =head1 Would be nice to have @@ -853,13 +837,9 @@ Mark-Jason Dominus sent a patch which went into 5.005_56. =head2 Filenames -Make filenames in the distribution and in the standard module set +Keep filenames in the distribution and in the standard module set be 8.3 friendly where feasible. Good luck changing the standard -modules, though. B. - -=head2 Proper tied array support - -This was B in 5.005 by Nick Ing-Simmons. +modules, though. =head2 Foreign lines @@ -873,49 +853,18 @@ Mostly B in 5.005. CPP-space: stop malloc()/free() pollution unless asked -=head2 Explain tool - -Given a piece of Perl code, say what it does. B::Deparse is doing -this. B. - =head2 ISA.pm Rename and alter ISA.pm. B. It is now base.pm. -=head2 Automate maintenance of most PERL_OBJECT code - -B, says Sarathy. - -=head2 -iprefix. - -Added in 5.004_70. B - =head2 gettimeofday See Time::HiRes. -=head2 reference to compiled regexp - -B This is the qr// support in 5.005. - -=head2 eval qw() at compile time - -qw() is presently compiled as a call to split. This means the split -happens at runtime. Change this so qw() is compiled as a real list -assignment. This also avoids surprises like: - - $a = () = qw(What will $a hold?); - -B. Tom Hughes submitted a patch that went into 5.005_55. - =head2 autocroak? -B. This is the Fatal.pm module, so any builtin that that does +This is the Fatal.pm module, so any builtin that that does not return success automatically die()s. If you're feeling brave, tie this in with the unified exceptions scheme. -=head2 Status variable - -$^C to track compiler/checker status. B in 5.005_54. - =cut diff --git a/pp_sys.c b/pp_sys.c index 9626025..3429c45 100644 --- a/pp_sys.c +++ b/pp_sys.c @@ -359,6 +359,9 @@ PP(pp_glob) ENTER; #ifndef VMS + /* If we're not using an external glob, just let readdir() tainting + * do its thing. Otherwise, engage paranoia mode. */ +#if defined(PERL_EXTERNAL_GLOB) if (PL_tainting) { /* * The external globbing program may use things we can't control, @@ -367,6 +370,7 @@ PP(pp_glob) TAINT; taint_proper(PL_no_security, "glob"); } +#endif /* PERL_EXTERNAL_GLOB */ #endif /* !VMS */ SAVESPTR(PL_last_in_gv); /* We don't want this to be permanent. */ -- 2.7.4