From: merch-redmine@... Date: 2021-06-17T07:06:35+00:00 Subject: [ruby-core:104335] [Ruby master Feature#17994] Clarify `IO.read` behavior and add `File.read` method Issue #17994 has been updated by jeremyevans0 (Jeremy Evans). My only concern is that File isn't the only subclasses of IO. There are also: ``` UNIXServer UNIXSocket UDPSocket TCPServer TCPSocket IPSocket Socket BasicSocket ``` Do we want `Socket.read` to handle `|` specially (as `IO.read` does), or should it operate as `File.read` (as it does now)? If it currently works as `File.read`, then switching to `IO.read` behavior could potentially result in security issues. I doubt there is significant real-world usage of `Socket.read` or similar, so maybe this is not a significant concern. Honestly, I don't think `read` makes sense as a class method on socket classes, so maybe we can avoid the issue by undefing it (after a deprecation period). ---------------------------------------- Feature #17994: Clarify `IO.read` behavior and add `File.read` method https://bugs.ruby-lang.org/issues/17994#change-92556 * Author: mame (Yusuke Endoh) * Status: Open * Priority: Normal ---------------------------------------- `IO.read` creates a subprocess when a given file name starts with a `|` character. ``` irb(main):001:0> IO.read("| ls /etc/passwd") => "/etc/passwd\n" ``` To disable this feature, `File.read` can be used. ``` irb(main):002:0> File.read("| ls /etc/passwd") (irb):2:in `read': No such file or directory @ rb_sysopen - | ls /etc/passwd (Errno::ENOENT) ``` So, as far as I know, `File.read` is more prefereable to `IO.read` if a user want to just read a file. However, in terms of the implementation, there is no definition of `File.read`. `File.read` invokes `IO.read` because `IO` is a superclass of `File`, and `IO.read` creates a subprocess only when its receiver is exactly the `IO` class. I think there are two problems in the current situation: 1. The rdoc of `IO.read` does not explain the behavior to disable a subprocess invocation. 2. The rdoc does not have an entry for `File.read`. I've created a PR to address the two issues by clarifying `IO.read` behavior and defining `File.read` as an alias to `IO.read`. https://github.com/ruby/ruby/pull/4579 -- https://bugs.ruby-lang.org/ Unsubscribe: