On Feb 23, 2014, at 11:17 AM, David Chisnall <theraven_at_FreeBSD.org> wrote: > On 23 Feb 2014, at 18:11, Allan Jude <freebsd_at_allanjude.com> wrote: > >> sysrc solves this nicely, it is in base now, and is great for >> programmatically adding, removing and changing lines in rc.conf style >> files. It is also in ports for older versions of FreeBSD where it is not >> in base. > > The problem is, there is no such thing as an rc.conf style file. rc.conf is just a shell script. If you only edit it with sysrc, or you are careful to preserve the structure, then it's fine. There is absolutely nothing stopping you, however, from writing arbitrarily complex shell scripts inside rc.conf. Sure, it's a terrible idea to do so, but when has that ever stopped anyone? > > An rc-replacement could enforce this by only accepting purely declarative files for configuration, guaranteeing that if they were syntactically valid they would also be machine editable, no matter what the user does to them. We already have a rc.conf.default. Why not a rc.conf.automation that does that and is added to the list of things to source? Then things like sysrc could operation on that secure in the knowledge that no shell commands could be there, and all bets are off if someone edits it by hand? WarnerReceived on Sun Feb 23 2014 - 21:04:04 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:47 UTC