Feature #14245

Add File.read etc.

Added by shugo (Shugo Maeda) 4 months ago. Updated about 1 month ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
[ruby-core:84495]

Description

Some people use File.open without knowing that it's defined in IO and pipes can be opened.

p File.read("|echo hello") #-> "hello"

How about adding File.read, File.binread, File.foreach etc. (similar version to File.open)?
Code like File.read(filename) is considered to have no intention to open pipes.

Implementation by prelude.rb is suggested by normalperson in #14239:

> I like that idea, I've been rewriting some stuff to use
> "File.open(filename, &:read)" instead of IO.read.
>
> Now, can we implement these new singleton methods in
> prelude.rb instead of writing in C? :)

0001-io.c.patch (2.39 KB) shugo (Shugo Maeda), 03/17/2018 11:47 AM

Related issues

Related to Ruby trunk - Bug #14239: warn open("|...") (Closed)

Associated revisions

Revision 798316ea
Added by shugo (Shugo Maeda) about 1 month ago

io.c: Methods of File should not invoke external commands

For security reasons, File.read, File.binread, File.write, File.binwrite,
File.foreach, and File.readlines should not invoke external commands even
if the path starts with the pipe character |.
[Feature #14245]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62857 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
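
A check of the behaviour this revision describes, as an added example that is not part of the original issue or of Ruby's own code: it calls each of the six listed File methods with a path that starts with `|` and records whether the command after the pipe ran. The helper name `probe_file_methods`, the marker file `ran` and the path are constructed for the example; it assumes a Ruby that includes this change (2.6 or later) and a POSIX system.

```ruby
require "tmpdir"

# Constructed probe: call every File method named in the commit message with a
# "|command" path and report whether the command was executed.
def probe_file_methods
  Dir.mktmpdir("pipe-probe") do |dir|
    Dir.chdir(dir) do
      marker = "ran"               # would exist only if `touch ran` executed
      path = "|touch #{marker}"    # constructed hostile-looking "filename"
      results = {}

      readers = {
        read:      -> { File.read(path) },
        binread:   -> { File.binread(path) },
        readlines: -> { File.readlines(path) },
        foreach:   -> { File.foreach(path) { |_line| } },
      }
      readers.each do |name, call|
        outcome = begin
          call.call
          :returned
        rescue Errno::ENOENT
          :enoent                  # path was treated as a missing regular file
        end
        results[name] = { outcome: outcome, executed: File.exist?(marker) }
      end

      writers = {
        write:    -> { File.write(path, "data") },
        binwrite: -> { File.binwrite(path, "data") },
      }
      writers.each do |name, call|
        call.call
        # With the change applied, a file literally named "|touch ran" appears.
        outcome = File.file?(path) ? :literal_file : :no_file
        results[name] = { outcome: outcome, executed: File.exist?(marker) }
        File.delete(path) if File.file?(path)
      end
      results
    end
  end
end

probe_file_methods.each { |name, r| puts "File.#{name}: #{r}" } if __FILE__ == $PROGRAM_NAME
```

On an interpreter without this change, the `executed` flags turn true, which makes the probe usable as a regression check for code that passes untrusted names to these methods.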


History

#1 Updated by shugo (Shugo Maeda) 4 months ago

#2 Updated by shugo (Shugo Maeda) 4 months ago

  • Description updated (diff)

#3 [ruby-core:84499] Updated by akr (Akira Tanaka) 4 months ago

If I understand this proposal correctly,
this proposal means adding a File.read method and
doesn't change the IO.read method?
I.e. IO.read("|command") works as now?

I think it is a possible direction.

Apart from that, we should list all affected methods explicitly (without "etc.").

#4 [ruby-core:84504] Updated by shevegen (Robert A. Heiler) 4 months ago

> Code like File.read(filename) is considered to
> have no intention to open pipes.

When added, the documentation should also
briefly mention the reference to pipes.

For example, a few months ago I did not even know
about the leading '|' character - I first saw it
on the ruby issue tracker. :)

Current link to File is here:

https://ruby-doc.org/core/File.html

#5 [ruby-core:85947] Updated by shugo (Shugo Maeda) about 2 months ago

akr (Akira Tanaka) wrote:

> If I understand this proposal correctly,
> this proposal means adding a File.read method and
> doesn't change the IO.read method?
> I.e. IO.read("|command") works as now?

Yes.

> Apart from that, we should list all affected methods explicitly (without "etc.").

The following methods will be affected:

  • read
  • binread
  • write
  • binwrite
  • foreach
  • readlines

#6 [ruby-core:86121] Updated by matz (Yukihiro Matsumoto) about 1 month ago

Agreed for mostly security reasons.

Matz.

#7 [ruby-core:86132] Updated by shugo (Shugo Maeda) about 1 month ago

matz (Yukihiro Matsumoto) wrote:

> Agreed for mostly security reasons.

Is this incompatibility acceptable in Ruby 2.6?

#9 Updated by shugo (Shugo Maeda) about 1 month ago

  • Status changed from Open to Closed

Applied in changeset trunk|r62857.

