GNU bug report logs - #19998
GREP_OPTIONS alternative?

Previous Next

Full log

Message #37 received at 19998-done <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Christian Kujau <lists <at> nerdbynature.de>
Cc: 19998-done <at> debbugs.gnu.org
Subject: Re: bug#19998: GREP_OPTIONS alternative?
Date: Wed, 11 Mar 2015 17:58:42 -0700

[Message part 1 (text/plain, inline)]

Christian Kujau wrote:
> On a Debian/Linux or a
> SuSE Linux system,/bin/*grep are not symlinks to /bin/grep but
> seperate executables.

On my Ubuntu 14.10 system, fgrep lives in /bin and is a separate executable 
(actually a shell script), but it invokes 'grep'.  Likewise for Fedora 21, where 
fgrep lives in /usr/bin.  So what you write doesn't necessarily contradict what 
I said.

On the other hand, now that I've tested it, I see that when I type 'fgrep' Bash 
invokes it as '/bin/fgrep', which surprises me and which defeats the purpose of 
having 'fgrep' look at $0.  I installed the attached patch, which should fix that.

> Why is GREP_OPTIONS random and LESS or ZIPOPT or GZIP are not?

For starters, none of the other variables are used by standard utilities. 
Admittedly some judgment is needed here.  As LESS is merely a user-interface 
thing it's less worrisome.  I don't know what ZIPOPT is.  GZIP is worrisome and 
probably should go -- an attacker can use GZIP to cause 'gzip' to remove 
/etc/passwd, for example.  So it looks like I should add removing GZIP to my 
list of things to do too....

[0001-egrep-fgrep-just-use-what-s-in-PATH.patch (text/x-patch, attachment)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.