On Fri, Apr 08, 2005 at 06:16:10PM +0300, Aidas Kasparas wrote:
> OK, I have reproduced this bug with setkey found in 0.5-5 deb. Only I
> had to press/ask perl to write \t twice in a row.
That probably depends on readline settings.

> It appears that directory listing is given if readline is compiled into
> setkey, and does not appear if it is not. Therefore, there is a quick
> workaround to disable readline support. But, do we really need to go
> this way?
> 
> Although I understand that there is no need to get file completion
> during setkey operation, how does it harm?
> 1) if setkey's operations are taken from file, then setkey should be
> invoked with -f option, not -c; in that case it ignores all \t even if
> it is compiled with readline;
> 2) if setkey is used interactively and user accidentally hits \t [twice]
> it can continue to enter his/her command and that command will be
> executed correctly;
> 3) if setkey -c is used in scripts to supply commands via pipe and
> command stream contains [double]\t then output will be cluttered with
> filesystem data, yet settings will be set correctly. [Maybe it is
> possible to modify program which supplies commands to skip tabs, or even
> to sed tabs out?]

That is actually how I discovered the problem. My scripts *stopped*
working. From what I can tell setkey does not work correctly when it
encounters a '\t'.  But I guess that might depend on what directory you
are in and what readline decides to complete.

> Therefore questions:
> a) in which scenario tabs cause you problems?

See above.

> b) if that break is in code supplied by ipsec-tools debian package, then
> where exactly is this?
> c) is the severity of this bug really "important"?

a) I could imagine this 'feature' posing a security problem since the
   output is highly unexpected and setkey's behaviour does not match its
   documentation.
b) It breaks existing scripts. Hence it has 'a major effect on the
   usability of the package'.

> I promise to start discussion on this issue upstream, as file completion
> should not be in setkey anyway.

Maybe a switch should be provided to turn on interactive/readline mode?

Best Regards
Jens Taprogge

-- 
Jens Taprogge
mailto:[EMAIL PROTECTED]

