[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: QA needed for insecure LD_LIBRARY_PATH in many wrapper scripts

* Stefan Fritsch (sf@debian.org) [071116 13:03]:
> is unset. (Actually, some scripts use "${LD_LIBRARY_PATH+:
> $LD_LIBRARY_PATH}", which seems to work, too. But this is not 
> documented in the bash man page, at least I can't find it.)

The difference between ${PARAMETER:+WORD} and ${PARAMETER+WORD} is
subtle, and you're right, it's not documented in the bash man page.
It is part of the POSIX shell standard, though.  ${PARAMETER:+WORD}
substitutes WORD if PARAMETER is set and non-empty.  ${PARAMETER+WORD}
substitutes WORD if PARAMETER is set, empty or not.  For example:

vineet@sprocket:~$ FOO=
vineet@sprocket:~$ echo ${FOO+BAR}
vineet@sprocket:~$ echo ${FOO:+BAR}

vineet@sprocket:~$ unset FOO
vineet@sprocket:~$ echo ${FOO+BAR}

vineet@sprocket:~$ echo ${FOO:+BAR}


In many cases they'll be equivalent, but in the LD_LIBRARY_PATH case,
I'd recommend using the colon-form.  If someone has set an empty
LD_LIBRARY_PATH, the correct behavior is just to add the directory you
want; you don't want to stick an extra empty pathname component in

good times,

"As we enjoy great advantages from inventions of others, we should be glad
of an opportunity to serve others by any invention of ours; and this we
should do freely and generously."	--Benjamin Franklin

Attachment: signature.asc
Description: Digital signature

Reply to: