[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GNU Make bug report: broken dry-run functionality with sub-make invo
|
From: |
Paul Smith |
|
Subject: |
Re: GNU Make bug report: broken dry-run functionality with sub-make invocations |
|
Date: |
Mon, 21 Mar 2022 09:18:20 -0400 |
|
User-agent: |
Evolution 3.42.4 (by Flathub.org)) |
On Mon, 2022-03-21 at 09:34 +0000, Ambrus Sumegi wrote:
> For the record, I’ve thought of a sort-of-solution to the “would you
> have Make parse the shell command” question over the weekend. If the
> sub-make was called through a function rather than a variable, the
> whole issue could be a lot more contained. Having $(make, “<arguments
> passed to sub-make>”) as the canonical form of invoking other Make
> instances could guarantee that no other program gets called when the
> -n switch is used. This way any elaborate multi-line command
> containing $(MAKE) could more or less be fixed with a sed command to
> completely eliminate this problem class.
I don't see how this would work.
The command you wanted to run was:
$(MAKE) external_target | tee logs/external_task.log
You wanted to pipe the output of the make command to another command.
How does putting make in a function allow this to happen?
> Of course, one could still do something like $(make, $(shell
> (“some_reckless_command”)), but it would be more obvious, and Make
> could output an explicit warning about a shell being called together
> with the sub-make invocation, or even refuse to execute said shell
> call. Since on Fri 18/03/2022 20:14, psmith@gnu.org pointed out that
> this is also a potential security problem, a future release could
> deprecate the $(MAKE) variable and switch to the function-based
> invocation, with shell calls disabled within it by default for the
> sake of that extra bit of security.
It's simply not possible to make this change. People want to do all
kinds of complicated things before or after or instead of invoking the
sub-make, so the full power of the shell needs to be available.
If you wanted to simply run a make command with no surrounding shell
operations, then running:
$(MAKE) ...
all by itself _already_ does exactly what you want. It's only when you
need to add extra operations into the same recipe line that you run
into problems with "-n", and that's exactly the place where using a
make function instead won't work.
- GNU Make bug report: broken dry-run functionality with sub-make invocations, Ambrus Sumegi, 2022/03/17
- Re: GNU Make bug report: broken dry-run functionality with sub-make invocations, Martin Dorey, 2022/03/17
- Re: GNU Make bug report: broken dry-run functionality with sub-make invocations, Paul Smith, 2022/03/17
- RE: GNU Make bug report: broken dry-run functionality with sub-make invocations, Ambrus Sumegi, 2022/03/18
- Re: GNU Make bug report: broken dry-run functionality with sub-make invocations, David A. Wheeler, 2022/03/18
- Re: GNU Make bug report: broken dry-run functionality with sub-make invocations, Martin Dorey, 2022/03/18
- Re: GNU Make bug report: broken dry-run functionality with sub-make invocations, Paul Smith, 2022/03/18
- Re: GNU Make bug report: broken dry-run functionality with sub-make invocations, Gisle Vanem, 2022/03/18
- Re: GNU Make bug report: broken dry-run functionality with sub-make invocations, David A. Wheeler, 2022/03/18
RE: GNU Make bug report: broken dry-run functionality with sub-make invocations, Ambrus Sumegi, 2022/03/21