[prev in list] [next in list] [prev in thread] [next in thread]
List: scilab-dev
Subject: function "ls"
From: Sylvestre Ledru <sylvestre.ledru () inria ! fr>
Date: 2008-02-08 9:16:27
Message-ID: 1202462188.24488.177.camel () korcula ! inria ! fr
[Download RAW message or body]
Hi,
I am thinking about changing the behaviour of the function ls
http://www.scilab.org/product/man/index.php?module=fileio&page=ls.htm
I would like to remove the second input argument for a few reasons:
* security issues. This simple example shows how weak it is :
ls("*.sci","`echo hacked >/tmp/hmhm`")
* Compatiblity and portability. A user working under Linux and using
tricks on this function won't have the same result under proprietary
operating systems.
* We are too closely related to the ls behaviour on the platform
* The code could be directly pluged to the listfiles and therefore
facilitate the maintenance (It is already the case under Windows).
Any objections ?
Sylvestre
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic