Steve Simmons wrote:
> ..bash_once defines SET_ONCE and loads literally hundreds of environment
> variables and exports many shell functions that would otherwise have to be
> defined in .bashrc and processed on every freaking run. .bash_once is about
> 50 times larger than .bashrc and .bash_login. Fast. Very fast. But without
> exportable functions, it wouldn't work at all.
>
> As an exercise for the student, consider the utility of this simplified
> excerpt:
>
> for SYSTEM in \
> {foo,bar,baz}.dec.school.edu \
> {alligator,snake-skin,lizard}.reptiles.work.com \
> {misery,serenity,frailty}.films.home.org \
> ; do # Strip off domain, use dash-less name as function name
> export FNAME=${SYSTEM%%.*}
> export FNAME=${FNAME//-/}
> eval $(echo "$FNAME() { ssh $SYSTEM" '"$@";};'" export -f $FNAME")
> unset SYSTEM FNAME
> done
>
> Hint - source those lines, then give the command 'builtin type snakeskin'.
>
> It's probably too much overhead for every bash invocation, but if you only do
> it once per session, it's damned useful.
Is it so much overhead? You are replacing the cost of a bash for loop
(and its two assignations, one export and one unset per iteration) with
the same loop performed in C.
It doesn't seem such a big win, I think you would need to do a more
heavy computation outside the eval for that. Note that if we enter in
micro-optimization measuring, you should also measure the slowing to
every program which need to ignore those hundreds of environment
variables.
On the other hand, this approach would be much more interesting if bash
delayed parsing of exported functions until they are used (ie. check
that they begin with "() {" and store the string as an 'unparsed
function', only parsing them the first time it gets executed in the
process).
This should give a nice speed up when there are exported functions
(parsing is **slow**), and would have avoided the CVE as well. What do
you think, Chet?
FWIW, for this specific example, instead of using bash functions I would
have done that in ssh_config(5).
Host foo bar baz
HostName %h.dec.school.edu
Host alligator snake-skin lizard
HostName %h.reptiles.work.com
Host misery serenity frailty
HostName %h.films.home.org
Yes, you would need to type "ssh snake-skin" instead of "snakeskin" but
they will autocomplete, and also allows to use them on other commands,
which your functions don't cover, like scp, sftp, rsync, svn, hg, git…
Best regards
