[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Success, to some extent



nisse@lysator.liu.se (Niels Mvller) writes:

> A stupid question: Is there any particular reason for not using the
> /dev/fd/NNN method by default? To me, it sounds more reliable than
> searching for the file in $PATH.

Searching in $PATH is entirely reliable because "found it" is measured
entirely by whether the file's identity is the same, and we have a
secure way to match file identities, through the io_identity RPC.

There are reasons why the /dev/fd/NNN version is suboptimal; first,
the file shows up on a file descriptor that gets inherited by all
children.  This has security implications that we haven't really
thought through at all.  Some scripts also might want to look at the
file name and key off that (a gross programming technique, I agree),
and they would lose if the file name were always /dev/fd/NNN.

Thomas


Reply to: