[augeas-devel] FreeBSD /etc/rc.conf

[Richard W.M. Jones]

On Thu, Nov 18, 2010 at 02:11:30PM +0100, Mathieu Arnold wrote:
> +--On 18 novembre 2010 12:29:25 +0000 "Richard W.M. Jones"
> <rjones at redhat.com> wrote:
> | Question is, who is responsible for stopping that from happening?  I
> | think the answer should involve Augeas, either doing the escaping, or
> | providing hints to upper layers so we know what to escape.
> 
> I don't think Augeas should too to much things, I see it as a very nice and
> consistent way to access files, but in the end, it's me (as in the one
> using Augeas) who knows what should go in those files thus sanitizing the
> user input so that it does not unleash hell.
> 
> For instance, a hostname coming from a user will always have to match
> /^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?(?:\.[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)$/i
> because it's what a hostname should look like at the end of the day.
> 
> But I might (for some strange reason I can't fathom yet) want to do
> something like :
> hostname="`ifconfig | awk '/ether/ {gsub(\":\", \"\", $2); print $2;
> exit}'`.absolight.net"
> 
> And I would really like to be able to do the second with Augeas :-)

Indeed, hence my other suggestion that Augeas could pass some typing
information (like a phantom type, in fact) up to callers so they know
that the this field is not merely a string, but a string that the
shell will interpret.  This would allow both escaping (my case) and
extended shell functionality (your case).

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/