[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: new option: --sandbox (disables e/w/x commands)
|
From: |
Jim Meyering |
|
Subject: |
Re: new option: --sandbox (disables e/w/x commands) |
|
Date: |
Sat, 3 Sep 2016 19:35:27 -0700 |
On Tue, Aug 30, 2016 at 7:06 PM, Assaf Gordon <address@hidden> wrote:
> Hello,
>
> Attached is a suggestions for a new option: --sandbox.
> With this option, commands 'e/w/x' are rejected - ensuring sed can not access
> any resources outside those specified on the command line.
>
> A more detailed description is here:
> http://lists.gnu.org/archive/html/sed-devel/2016-04/msg00000.html
Hi Assaf,
Thanks for writing that.
There are four "compare" commands in sandbox.sh that lack the usual
"|| fail=1" suffix. Adding those and rerunning the test shows that the
expected error output will have to vary for at least two of the tests,
to account for the differing offsets:
err="sed: -e expression #1, char 1: e/r/w commands disabled in sandbox mode"
That "char 1" will have to be "char 6" in one case and "char 14" in another.
On the barely-matters front, please indent this the way GNU indent would:
+ enum {
+ SANDBOX_OPTION = CHAR_MAX+1
+ };
Other than that, I think it's good to push.
- Re: new option: --sandbox (disables e/w/x commands),
Jim Meyering <=