Timeline for Setting an environment variable before a command in Bash is not working for the second command in a pipe
Current License: CC BY-SA 3.0
16 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 8, 2023 at 19:44 | comment | added | gniourf_gniourf | @cambunctious there's no user input or anything passed to eval, so your point is really moot here, and I also gave a solution using a function. | |
| Jun 8, 2023 at 13:11 | comment | added | cambunctious |
@gniourf_gniourf eval is a very powerful tool in general since it can take any string from anywhere and execute it. Strictly using eval with a single-quoted argument does seem to limit its power/risk, but that is kinda beside the point. bash -c also takes any string so indeed it's not much better. To me a subshell or a function is ideal here. I generally dislike writing code in a string literal, but I suppose that is purely aesthetic.
|
|
| Jun 7, 2023 at 4:28 | comment | added | gniourf_gniourf |
@cambunctious lol, can you please explain what's wrong with eval? why is it a jackhammer in this case? why is it worse than the accepted answer that uses bash -c (which, is actually worse than eval in this case as it spawns a whole new process altogether and exposes exactly the same (supposed) problems as eval)? I'm curious to see some genuine arguments beyond “I once read eval is evil, and was told to never use it”.
|
|
| Jun 6, 2023 at 13:54 | comment | added | cambunctious |
eval is a very powerful tool. Using it to solve the question here is like using a jackhammer when you need a screwdriver.
|
|
| Aug 23, 2021 at 18:43 | comment | added | Derek Mahar |
I think the function solution is clearer, though somewhat more verbose, than the eval solution.
|
|
| Apr 25, 2017 at 16:52 | history | edited | Teemu Leisti | CC BY-SA 3.0 |
Added & removed paragraph breaks to separate the two different answers more clearly + slight editing for grammar and readability
|
| Nov 9, 2016 at 17:27 | history | edited | gniourf_gniourf | CC BY-SA 3.0 |
added 753 characters in body
|
| Jun 27, 2016 at 13:36 | comment | added | Alfe | What I do when someone tells me that my answer lacks some aspect, I don't get at him personally for wanting to know whether they downvoted my answer and whether they also downvoted other answers. Instead I try to improve my answer. But we obviously have different approaches on how to handle things. I find that avoiding communication and editing other people's answers myself is the second best solution because often the original author doesn't even notice this, so I don't know if they agree. I prefer finding a consensus even if this means to step into the pit. It just doesn't always work. | |
| Jun 27, 2016 at 12:56 | comment | added | Alfe | A link to stackoverflow.com/questions/17529220/… would be enough to hint on the dangers. A short statement which aspects of the answer make it safe (single quotes, so don't use this without them! or similar) would be even better. | |
| Jun 27, 2016 at 12:39 | comment | added | Alfe |
I removed my comments to concentrate my concern in one new comment: eval is a security issue in general (like bash -c but less obvious), so the dangers should be mentioned in an answer proposing its use. Careless users may take the answer (FOO=bar eval …) and apply it to their situation so that it raises problems. But it obviously was more important to the answerer to figure out whether I downvoted his and/or other answers than to improve anything. As I wrote before, fairness shouldn't be the main concern; being no worse than any other given answer also is irregardless.
|
|
| Jun 27, 2016 at 5:42 | comment | added | Brett Ryan |
Votes aside, the comment provided @Alfe does somehow imply that the accepted answer is somehow safer. What would have been more helpful would have been for you to describe what you believe to be unsafe about the usage of eval. In the answer provided the args have been single quoted protecting from variable expansion, so I see no problem with the answer.
|
|
| Jan 29, 2016 at 8:54 | comment | added | gniourf_gniourf |
@Alfe: when I say You really sound like a guy who once read eval is evil without understanding what's evil about eval, I'm referring to your sentence: This answer lacks all the warnings and explanations necessary when talking about eval. eval is not bad or dangerous; no more than bash -c.
|
|
| Jan 29, 2016 at 8:43 | comment | added | gniourf_gniourf |
@Alfe: unfortunately I don't agree with your critique. This command is perfectly safe. You really sound like a guy who once read eval is evil without understanding what's evil about eval. And maybe you're not really understanding this answer after all (and really there's nothing wrong with it). On the same level: would you say that ls is bad because for file in $(ls) is ,bad? (and yeah, you didn't downvote the accepted answer, and you didn't leave a comment either). SO is such a weird and absurd place sometimes.
|
|
| Jan 28, 2016 at 12:51 | comment | added | gniourf_gniourf |
@Alfe: Did you also downvote the accepted answer? because it exhibits the same “problems” as eval.
|
|
| Dec 5, 2015 at 8:00 | review | Low quality answers | |||
| Dec 5, 2015 at 9:33 | |||||
| Dec 5, 2015 at 7:39 | history | answered | gniourf_gniourf | CC BY-SA 3.0 |