Mantis Bug Tracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0007794OCamlstandard librarypublic2018-05-10 11:182018-05-24 11:11
Assigned To 
PlatformOSOS Version
Product Version4.06.1 
Target VersionFixed in Version4.08.0+dev 
Summary0007794: Proposal: Add open_process_args, for proc+args instead of a shell
DescriptionI propose to add variants of the `open_process` functions which take "proc" and "args" instead of a shell command.


The standard library should encourage safe interfaces by making them more convenient than unsafe interfaces.

In particular, the safe process execution via "proc:string + args:string list" should be encouraged over shell command execution.

However, the nice, high-level open_process function is only available for shell commands. For safe execution (proc+args) there is only create_process which is relatively low-level.
Additional InformationSee also: [^]
TagsNo tags attached.
Attached Files

- Relationships
related to 0007672acknowledged Sys.command and Windows quoting 

-  Notes
nojebar (developer)
2018-05-13 23:56

Related PR: [^]
vog (reporter)
2018-05-14 11:30

Thanks for pointing to the related PR about "Filename.quote_command".

I'd just like to mention that I don't see Filename.quote_command as part of the solution, but more as part of the problem.

The respective low-level calls (execve, execvep, etc.) take prg+argv directly, and so should the implementation of "open_process_args".

It makes no sense to involve the shell at all. Calling the shell and escaping the arguments would just introduce a new possible point of (security) failure without any benefit: It would merely instruct the shell to perform what we should have performed on OCaml side in the first place.
xleroy (administrator)
2018-05-21 18:43

I agree, the proposed functions make sense and would be simpler than a working Filename.quote_command, with which I'm still struggling.
nojebar (developer)
2018-05-21 22:13 [^]
xleroy (administrator)
2018-05-24 11:11

Merged in trunk, will be in 4.08.0

- Issue History
Date Modified Username Field Change
2018-05-10 11:18 vog New Issue
2018-05-13 23:55 nojebar Relationship added related to 0007672
2018-05-13 23:56 nojebar Note Added: 0019114
2018-05-14 11:30 vog Note Added: 0019115
2018-05-21 18:43 xleroy Note Added: 0019129
2018-05-21 18:43 xleroy Severity minor => feature
2018-05-21 18:43 xleroy Status new => acknowledged
2018-05-21 22:13 nojebar Note Added: 0019134
2018-05-24 11:11 xleroy Note Added: 0019140
2018-05-24 11:11 xleroy Status acknowledged => resolved
2018-05-24 11:11 xleroy Resolution open => fixed
2018-05-24 11:11 xleroy Fixed in Version => 4.08.0+dev

Copyright © 2000 - 2011 MantisBT Group
Powered by Mantis Bugtracker