389 lines
15 KiB
HTML
389 lines
15 KiB
HTML
<!--startcut ======================================================= -->
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
|
|
<html>
|
|
<head>
|
|
<META NAME="generator" CONTENT="lgazmail v1.3D.j">
|
|
<TITLE>The Answer Guy 54: Another Homework Assignment from Hotmail</TITLE>
|
|
</HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"
|
|
LINK="#3366FF" VLINK="#A000A0">
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<P> <hr>
|
|
<!-- *** BEGIN navbar *** :::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<p align="center">
|
|
<A HREF="../lg_bytes54.html"><IMG ALT="[ Prev ]"
|
|
SRC="../../gx/navbar/prev.jpg"
|
|
WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/left.jpg"
|
|
WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom" >
|
|
<A HREF="../index.html"><IMG ALT="[ Table of Contents ]"
|
|
SRC="../../gx/navbar/toc.jpg"
|
|
WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A>
|
|
<A HREF="../../index.html"><IMG ALT="[ Front Page ]"
|
|
SRC="../../gx/navbar/frontpage.jpg"
|
|
WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<A HREF="../../faq/index.html"><IMG ALT="[ FAQ ]"
|
|
SRC="../../gx/navbar/faq.jpg"
|
|
WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/right.jpg"
|
|
WIDTH="15" HEIGHT="45" ALIGN="bottom" >
|
|
<A HREF="../lg_tips54.html"><IMG ALT="[ Next ]"
|
|
SRC="../../gx/navbar/next.jpg"
|
|
WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A>
|
|
<!-- *** END navbar *** :::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
</p>
|
|
<P> <hr> <P>
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<center>
|
|
<H1><A NAME="answer">
|
|
<img src="../../gx/dennis/qbubble.gif" alt="(?)"
|
|
border="0" align="middle">
|
|
<font color="#B03060">The Answer Guy</font>
|
|
<img src="../../gx/dennis/bbubble.gif" alt="(!)"
|
|
border="0" align="middle">
|
|
</A></H1>
|
|
<BR>
|
|
<H4>By James T. Dennis,
|
|
<a href="mailto:linux-questions-only@ssc.com">linux-questions-only@ssc.com</a><BR>
|
|
LinuxCare,
|
|
<A HREF="http://www.linuxcare.com/">http://www.linuxcare.com/</A>
|
|
</H4>
|
|
</center>
|
|
|
|
<p><hr><p>
|
|
<!-- endcut ======================================================= -->
|
|
<!-- begin 4 -->
|
|
<H3 align="left"><img src="../../gx/dennis/qbubble.gif"
|
|
height="50" width="60" alt="(?) " border="0"
|
|
>Another Homework Assignment from Hotmail</H3>
|
|
|
|
|
|
<p><strong>From Milton bradley on Tue, 02 May 2000
|
|
</strong></p>
|
|
<!-- ::
|
|
Another Homework Assignment from Hotmail
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
:: -->
|
|
<P><STRONG>
|
|
Hello,
|
|
</STRONG></P>
|
|
<P><STRONG>
|
|
Don't really know if you'll answer my questions but it doesn't hurt
|
|
to give it a try. If you can all I can say is thanks. Well here
|
|
goes
|
|
</STRONG></P>
|
|
<P><STRONG>
|
|
the situation is this
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
You and your friends have decided that e-mail is the easiest
|
|
way to get your homework done for you?
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
[I got another question from a different address at Hotmail
|
|
yesterday. It had a similarly "Do my homework for me" tone
|
|
to it.]
|
|
</BLOCKQUOTE>
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
Directory tress can include large numbers of files. Referencing a
|
|
file by full path name can be burdensome on the user. Consequently
|
|
in UNIX there is an environment variable $PATH
|
|
(e.g. .:/bin:/usr/bin) which directs the system for the directories
|
|
it is to search for an executable file. All non-executable files
|
|
are looked for only in current working directory(.).
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
Actually this set of propositions is full of minor inaccuracies.
|
|
First the $PATH environment variable is not a feature of UNIX
|
|
per se. It is not unique to UNIX, and it is not necessitated
|
|
by UNIX. However it is a widely used convention <TT>---</TT> and it's
|
|
probably required by POSIX in the implementation of shells and
|
|
possibly some standard libraries.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Non-executable files are found according to the semantics
|
|
of the program doing the opening. Usually this is a
|
|
path (either an absolute path from the root directly or one
|
|
that is relative to the current working directory or $CWD).
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
The main flaw in your propositions is that the PATH exists
|
|
primarily for convenience. There is actually a more
|
|
important reason for things to use the PATH.
|
|
</BLOCKQUOTE>
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
questions are
|
|
</STRONG></P>
|
|
<P><STRONG>
|
|
1) Why shouldn't other non-executable file be referenced by this
|
|
mechanism?
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
Why should they.
|
|
</BLOCKQUOTE>
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
2) SuperUsers are cautioned that the shell should not look in the
|
|
current working directory first (e.g. <TT>/bin:/usr/bin:.</TT>) for security
|
|
reasons. Why?
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
All users are cautioned that adding . (CWD, the current working
|
|
directory) to their PATH carries some risk.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Let's say that you put . on your path. If you put it at the
|
|
beginning of your path you've implemented a policy that any
|
|
executable in the current directly takes precedence over any
|
|
other executables by that name. So I'm an evil user and I
|
|
just create a program name 'ls' which does "bad things(TM)"
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
(I'll leave the exact nature of "bad things(TM)" to your
|
|
imagination).
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
When 'root' or any other user then does a 'cd' into my directory
|
|
and types 'ls' (a very common situation) then my program runs
|
|
in their security context. I effectively can do anything that
|
|
they could do. I can access any file they can access. I can
|
|
completely subvert their account.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Doh!
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
So let's put that . at the end of the PATH. That's solve the
|
|
problem. Now the <TT>/bin/ls</TT> or <TT>/usr/bin/ls</TT> will be executed
|
|
in preference to my copy of 'ls.'
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
So now the user "evil" has to get more clever. He makes a number
|
|
of useful links to his "bad things(TM)" script. These are
|
|
carefully crafted strings like: "sl" and "ls-al" (common
|
|
typos that the hurried user might make make while visiting my
|
|
directory).
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Quod erat demonstratum.
|
|
</BLOCKQUOTE>
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
3) The c-shell creates a hash table of the files in $PATH on
|
|
start-up. Give one advantage of this scheme:
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
><BLOCKQuote>
|
|
The hash tables is basically an index of all executables on
|
|
the path. Thus one can find, in O(logN) time if an executable
|
|
exists and where it is. (Look up "theta notation" in any
|
|
text book on "computational complexity analysis to understand
|
|
that "big Oh" notation).
|
|
</BLOCKQuote></BLOCKQUOTE>
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
4) Give one disadvantage of the above mentioned scheme:
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
><BLOCKQuote>
|
|
I'll give two.
|
|
</BLOCKQuote></BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
<ul>
|
|
<li> The shell will need to malloc more memory than a
|
|
non-hash version would require. It needs to build
|
|
the hash table and keep it in core. Moreover this
|
|
data is not shareable memory --- it is private to
|
|
each instance of the shell.
|
|
<li> The hash table may get out of sync with the real list
|
|
of executables on the disk. Some additional binaries
|
|
may be added and the shell has no way of detecting
|
|
it. (Shells that support PATH hashing generally also
|
|
offer some command to update their hash table ---
|
|
'<tt>rehash</tt>' and '<tt>hash -r</TT>' are common).
|
|
</ul></BLOCKQUOTE>
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
5) Since the system can easily maintain a list of files referenced
|
|
in teh course of a login session, one could also maintain a
|
|
REFERENCE FILE TABLE and use it as part of a scheme to locate files.
|
|
Give one advantage of this scheme:
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
><BLOCKQuote>
|
|
Hmm. MU!
|
|
</BLOCKQuote></BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Which "one" could do this? Would this be a new API? What programs
|
|
would support it? How?
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Ergo I unask your question.
|
|
</BLOCKQUOTE>
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
6) Give one disadvantage of this scheme:
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
><BLOCKQuote>
|
|
Commands with the same name are presumed to provide compatible
|
|
semantics. Ambiguity among data files is likely to have severe
|
|
consequence.
|
|
</BLOCKQuote></BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
One could use expressions like `locate foo` in each case where one
|
|
wished to refer to "the first file named 'foo' on my data search
|
|
path." One could certainly implement an API that took filenames,
|
|
perhaps of the form: <TT>././foo</TT> and resolved them via a search
|
|
mechanism.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
(Note: GNU systems, such as Linux, often have the "updatedb" or
|
|
"slocate" packages installed. These provide a hashed index of all
|
|
files on the system which are linked through publicly readable
|
|
directories. Thus the `locate` command expression could be used
|
|
already <TT>---</TT> though the user wouldn't be able to implement a policy
|
|
over how many and in which order the file names were returned. It
|
|
would a simple matter of programming to write one's own shell
|
|
function or script which read a DPATH environment variable, called
|
|
the 'locate' command and search the return list for matches in a
|
|
preferential order).
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
BTW: Some shells implement a CDPATH environment setting.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Here's an excerpt from the 'bash' man page:
|
|
</BLOCKQUOTE>
|
|
|
|
<blockquote><pre> CDPATH The search path for the cd command. This is a
|
|
colon-separated list of directories in which the
|
|
shell looks for destination directories specified
|
|
by the cd command. A sample value is ".:~:/usr".
|
|
</pre></blockquote>
|
|
<BLOCKQUOTE>
|
|
As I see it the man reason for UNIX to implement support for
|
|
executable search PATH is to allow scripts to be more portable,
|
|
while allowing users and administrators to implement their own
|
|
polices and preferences among multiple versions of executables by
|
|
the same name.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Thus when I use 'awk' or 'sed' in a script I don't care which 'awk'
|
|
or 'sed' it is and where this particular version of UNIX keeps its
|
|
version of these utilities. All I care about is that these
|
|
utilities provide the same semantics as the rest of my scripts and
|
|
commands require.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
If I find that the system default 'awk' or 'sed' is deficient in
|
|
some way (and if I'm a "mere mortal user") I can still serve my
|
|
needs by installing a personal copy of a better 'awk' (gawk or mawk)
|
|
and/or a better 'sed' (such as the GNU version). PATHs are the
|
|
easiest way to accomplish this.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
So, the disadvantage of implement some sort of "data path" feature
|
|
into the UNIX shells and libraries would basically be:
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE><BLOCKQuote>
|
|
IT'S A STUPID IDEA!
|
|
</BLOCKQuote></BLOCKQUOTE>
|
|
|
|
<!-- sig -->
|
|
|
|
|
|
<!-- end 4 -->
|
|
<!--startcut ======================================================= -->
|
|
<P> <hr> </p>
|
|
<H5 align="center"><a href="http://www.linuxgazette.com/copying.html"
|
|
>Copyright ©</a> 2000, James T. Dennis
|
|
<BR>Published in <I>The Linux Gazette</I> Issue 54 June 2000</H5>
|
|
<H6 ALIGN="center">HTML transformation by
|
|
<A HREF="mailto:star@tuxtops.com">Heather Stern</a> of
|
|
Tuxtops, Inc.,
|
|
<A HREF="http://www.tuxtops.com/">http://www.tuxtops.com/</A>
|
|
</H6>
|
|
<P> <hr>
|
|
<!-- begin tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::-->
|
|
<p align="center">
|
|
<IMG ALT="" SRC="../../gx/navbar/left.jpg"
|
|
WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="middle" border="0">
|
|
<A HREF="../lg_answer54.html"
|
|
><IMG SRC="../../gx/dennis/answertoc.jpg" align="middle"
|
|
ALT="[ Answer Guy Current Index ]" border="0"></A>
|
|
<A HREF="../lg_answer54.html#greeting"><img align="middle"
|
|
src="../../gx/dennis/smily.gif" alt="greetings" border="0"></A>
|
|
<A HREF="1.html">1</A>
|
|
<A HREF="2.html">2</A>
|
|
<A HREF="3.html">3</A>
|
|
<A HREF="4.html">4</A>
|
|
<A HREF="5.html">5</A>
|
|
<A HREF="6.html">6</A>
|
|
<A HREF="7.html">7</A>
|
|
<A HREF="8.html">8</A>
|
|
<A HREF="9.html">9</A>
|
|
<A HREF="10.html">10</A>
|
|
<A HREF="11.html">11</A>
|
|
<A HREF="12.html">12</A>
|
|
<A HREF="13.html">13</A>
|
|
<A HREF="14.html">14</A>
|
|
<A HREF="15.html">15</A>
|
|
<A HREF="16.html">16</A>
|
|
<A HREF="17.html">17</A>
|
|
<A HREF="18.html">18</A>
|
|
<A HREF="../../tag/kb.html"
|
|
><IMG SRC="../../gx/dennis/answerpast.jpg" align="middle"
|
|
ALT="[ Index of Past Answers ]" border="0"></A></td>
|
|
<IMG ALT="" SRC="../../gx/navbar/right.jpg" align="middle"
|
|
WIDTH="14" HEIGHT="45" BORDER="0">
|
|
</p>
|
|
<!-- end tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::::-->
|
|
<P> <hr>
|
|
<!-- *** BEGIN navbar *** :::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<p align="center">
|
|
<A HREF="../lg_bytes54.html"><IMG ALT="[ Prev ]"
|
|
SRC="../../gx/navbar/prev.jpg"
|
|
WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/left.jpg"
|
|
WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom" >
|
|
<A HREF="../index.html"><IMG ALT="[ Table of Contents ]"
|
|
SRC="../../gx/navbar/toc.jpg"
|
|
WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A>
|
|
<A HREF="../../index.html"><IMG ALT="[ Front Page ]"
|
|
SRC="../../gx/navbar/frontpage.jpg"
|
|
WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<A HREF="../../faq/index.html"><IMG ALT="[ FAQ ]"
|
|
SRC="../../gx/navbar/faq.jpg"
|
|
WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/right.jpg"
|
|
WIDTH="15" HEIGHT="45" ALIGN="bottom" >
|
|
<A HREF="../lg_tips54.html"><IMG ALT="[ Next ]"
|
|
SRC="../../gx/navbar/next.jpg"
|
|
WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A>
|
|
<!-- *** END navbar *** :::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
</p>
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
</BODY></HTML>
|
|
<!--endcut ========================================================= -->
|