> > $ echo 1 > "FOO BAR" && run-mailcap "FOO BAR" --norun > > less '/tmp/fileMcDJO5' > > > > I would expect this: > > less '/home/stephan/FOO BAR' > > > > as it works without spaces. > > > > $ echo 1 > "FOOBAR" && run-mailcap "FOOBAR" --norun > > less '/home/stephan/FOOBAR' > > This though is "on purpose". You see the reason for it if you add > --debug, it will say: > > - filename contains shell meta-characters; aliased to '/tmp/fileTF4iXm' > > and is due to the fix in https://www.debian.org/security/2014/dsa-3114
So this fix breaks the functionality of run-mailcap with option --norun. It might make sense to fix the security issue internally by use of aliasing (i.e. without --norun), but the output with --norun should IMHO still contain the original filename and the user/caller has the responsibility to handle meta-characters in filenames properly then. This can be added to documentation. The other option would be to remove the option --norun and explicit break applications depending on it, in order to avoid strange bugs there. Best regards. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
