You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There's a convention in the GNU userspace for a bare '--' arg to indicate "everything in argv following the -- is not to be interpreted as a flag, just use as input to the program"
In the case of su, when you want su to run a command, you currently must use "-c/--command WORD_REPRESENTING_COMMAND", which will then be interpolated by another shell's -c invocation running as the target user.
This can be rather annoying and error prone, depending on the complexity of whatever is being executed via su.
I'd like to propose supporting "--" as an alternative to -c/--command which instead treats whatever remains in argv as the argv to supply directly to execve(), bypassing any further shell invocation or subsequent word splitting.
The text was updated successfully, but these errors were encountered:
After glancing at the code and actually reading the man page I see there's already existing semantics for '--' to pass subsequent argv entries on as flags.
So it looks like this should instead add a new flag to suppress using any interpretive shell when running the command, and suppress argv manipulation like adding the '-c' shell command flag.
How about supporting "--exec-command" / "-e" to suppress any "$shell -c", directly calling execve() on the command, with any arguments after '--' supplied as the rest of argv?
There's a convention in the GNU userspace for a bare '--' arg to indicate "everything in argv following the -- is not to be interpreted as a flag, just use as input to the program"
In the case of
su
, when you wantsu
to run a command, you currently must use "-c/--command WORD_REPRESENTING_COMMAND", which will then be interpolated by another shell's -c invocation running as the target user.This can be rather annoying and error prone, depending on the complexity of whatever is being executed via
su
.I'd like to propose supporting "--" as an alternative to -c/--command which instead treats whatever remains in argv as the argv to supply directly to execve(), bypassing any further shell invocation or subsequent word splitting.
The text was updated successfully, but these errors were encountered: