[prev in list] [next in list] [prev in thread] [next in thread] 

List:       scilab-dev
Subject:    function "ls"
From:       Sylvestre Ledru <sylvestre.ledru () inria ! fr>
Date:       2008-02-08 9:16:27
Message-ID: 1202462188.24488.177.camel () korcula ! inria ! fr
[Download RAW message or body]

Hi,

I am thinking about changing the behaviour of the function ls
http://www.scilab.org/product/man/index.php?module=fileio&page=ls.htm

I would like to remove the second input argument for a few reasons:
* security issues. This simple example shows how weak it is :
 ls("*.sci","`echo hacked >/tmp/hmhm`")

* Compatiblity and portability. A user working under Linux and using
tricks on this function won't have the same result under proprietary
operating systems.

* We are too closely related to the ls behaviour on the platform

* The code could be directly pluged to the listfiles and therefore
facilitate the maintenance (It is already the case under Windows).

Any objections ?

Sylvestre




[prev in list] [next in list] [prev in thread] [next in thread]