2011/10/25 Daniel J Walsh <dwalsh@xxxxxxxxxx>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 10/25/2011 03:21 PM, Adam Williamson wrote: >> On Tue, 2011-10-25 at 20:39 +0200, Michał Piotrowski wrote: >>> 2011/10/25 Richard W.M. Jones <rjones@xxxxxxxxxx>: >>>> On Tue, Oct 25, 2011 at 08:33:28PM +0200, Michał Piotrowski >>>> wrote: >>>>> 2011/10/25 Chris Adams <cmadams@xxxxxxxxxx>: >>>>>> Once upon a time, Michał Piotrowski <mkkp4x4@xxxxxxxxx> >>>>>> said: >>>>>>> I created feature page >>>>>>> https://fedoraproject.org/wiki/Features/F18MorePortableInterpreters >>>>>> >>>>>> >>>>>>> > I strongly object to this "feature". /bin/sh is a Unix standard back to >>>>>> IIRC around 7th Edition, and there is NO good reason to >>>>>> break it. The "#!/usr/bin/env foo" suggested replacement >>>>>> has always been a hack to work around broken systems, not >>>>>> something suggested for all scripts. >>>>> >>>>> What is wrong with #!/usr/bin/env interpreter from technical >>>>> POV? >>>> >>>> This is what's wrong: >>>> >>>> $ cat > sh.sh #!/bin/sh $ cat > env.sh #!/usr/bin/env sh $ >>>> chmod +x sh.sh env.sh $ time for i in $(seq 1000); do ./sh.sh; >>>> done >>>> >>>> real 0m2.737s user 0m0.750s sys >>>> 0m1.519s $ time for i in $(seq 1000); do ./env.sh; done >>>> >>>> real 0m3.677s user 0m1.013s sys >>>> 0m2.296s >>>> >>> >>> Yeah, it is noticeably slower - about 0,00094s. >> >> Uh. ~2.7secs vs. ~3.7 secs is nearly one entire second, not one >> tiny tiny fraction of a second, isn't it? > > > There are also possible Security ramifications of allowing the > interpreter to be replaced, users could stumble upon this. > > Python even tries to prevent this with the -Es qualifier. > > man python > ... > -s Don't add user site directory to sys.path. > -E Ignore environment variables like PYTHONPATH and > PYTHONHOME that > modify the behavior of the interpreter. > > I think putting > #!/usr/bin/env interpreter > is a very bad idea for administrative tools. > It seems that this idea has real technical disadvantages: - possible security problems - slower execution of scripts - inability to pass an argument to interpreter - random problems caused by using of local interpreter - the need for modification of 5000+ packages Harald, game is not worth the candle. -- Best regards, Michal http://eventhorizon.pl/ -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
