You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ant.apache.org by Conor MacNeill <co...@cortexebusiness.com.au> on 2000/11/02 08:02:00 UTC
Searching for build.xml
As you may recall I expressed some reservations about the feature introduced
in ant 1.2 whereby ant will search up the directory tree for a build.xml
file
I recently asked my sysadmin to install ant 1.2 on our Unix system and,
after reading the release notes, he sent me a colourful email, attached
below.
Dose anyone else, or their sysadmins, think this is a problem?
Thoughts?
Conor
> It is not reasonable to assume a user has control of parent directories
> as you move towards the root, so you get security issues (potentially),
> performance issues (potentially, haven't these guys heard of NFS?) and
> unexpected behaviour in multi level source trees (most probable - 95%
> of confusion/complaints will come from there).
>
> I can't think of a good reason for it, if you really needed to run
> higher level ant files you'd have ant -f ../../build.xml
>
> I've neve seen a piece of userland software (of its
> own accord) investigate much past ".." or "../somedir".
>
> If they insisit on having it as a feature, it'd be quite useful to
>
> a. allow the sane to disable the feature with a command line
> switch (an environment variable is probably too subtle)
>
> b. make sure we only ever used a patched version in the office
> so it never bites us
>
--
Conor MacNeill
conor@cortexebusiness.com.au
Cortex eBusiness
http://www.cortexebusiness.com.au
Re: Searching for build.xml
Posted by Steve Loughran <st...@iseran.com>.
----- Original Message -----
From: "Conor MacNeill" <co...@cortexebusiness.com.au>
To: "Ant-Dev" <an...@jakarta.apache.org>
Sent: Wednesday, November 01, 2000 11:02 PM
Subject: Searching for build.xml
> As you may recall I expressed some reservations about the feature
introduced
> in ant 1.2 whereby ant will search up the directory tree for a build.xml
> file
>
> I recently asked my sysadmin to install ant 1.2 on our Unix system and,
> after reading the release notes, he sent me a colourful email, attached
> below.
>
> Dose anyone else, or their sysadmins, think this is a problem?
I've had a bad experience with the autosearch function where I had stuck a
build.xml file in c:\ as some interim place to stick things some months ago.
Then sometime this week I type and and it finds that file and runs with it
because I am not quite in the place I think I am. No harm was done this
time, but it gave me a bit of a scare.
In a multiuser environment if someone could sneak in a build.xml upstream
then a user could perhaps be engineered into running a potentially
destructive build file. This isnt likely (you need an odd combination of
rights to make it worthwhile), but conceivable
At the same time, it is slightly handy.
> > a. allow the sane to disable the feature with a command line
> > switch (an environment variable is probably too subtle)
I think a better approach than a 'search up by default' would be to have the
search disabled by default, with a -search argument to turn it on (perhaps
including number of parent searches).
-steve
Re: Searching for build.xml
Posted by Peter Donald <do...@apache.org>.
At 06:02 2/11/00 +1100, you wrote:
>As you may recall I expressed some reservations about the feature introduced
>in ant 1.2 whereby ant will search up the directory tree for a build.xml
>file
>
>I recently asked my sysadmin to install ant 1.2 on our Unix system and,
>after reading the release notes, he sent me a colourful email, attached
>below.
>
>Dose anyone else, or their sysadmins, think this is a problem?
yep ;)
I agree it is useful (reduced the size of my elisp code heaps) but I never
felt comfortable with it.
Cheers,
Pete
*------------------------------------------------------*
| "Nearly all men can stand adversity, but if you want |
| to test a man's character, give him power." |
| -Abraham Lincoln |
*------------------------------------------------------*