[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#958563: ITP: shellescape -- Escape arbitrary strings for use as command line arguments

On Fri, Apr 24, 2020 at 4:55 AM Paul Wise <pabs@debian.org> wrote:
>
> On Thu, Apr 23, 2020 at 6:54 PM Bradford D. Boyle wrote:
>
> > This package is needed for barnard
>
> It would be a lot better to make barnard use the Go exec functions
> instead of using this module:
>
> https://golang.org/pkg/os/exec/
>

Thanks for taking a look at this so quickly. I am not overly familiar
with the upstream package (barnard), but I think I understand your
comment, but I wanted to check first: It looks like it currently is
using `exec.Command` to call `/bin/sh` that is being passed the result
of the shellescaped string. Instead of passing through `sh`, just use
`exec.Command` on the string directly?

Assuming I've understood correctly, would you recommend including this
change as a patch in the package for now? Or should I try to get
upstream to incorporate the patch first?

Thanks,

-- Bradford
Reply to: