I will admit that people consider it a little surprising and non-hackers will be very loudly booed if they rely on this behavior but ed finds it way into lots of utilities like this. It's a remnant of a bygone era where people wanted their tools to have this kind of power.
But the author is absolutely right, nowadays we should prefer red. Still a small amount of shame if you're applying untrusted patches.
The early computing era (I'd say until early '90s) was definitely had something special in the way so much relied on trust, both trusting the user and trusting the wider community. Today everything is so locked down, paranoid and anxiety inducing that computing has become increasingly stressful and unfun.
I'm also reminded by a RMS writing (I think it was letter of some sort) campaigning that denying computer lab users root access was oppressive. Bit sad that I can't actually find it now.
And of course the classic (if misused like I'm doing here) Franklin quote "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
It's easy to trust the user and the wider community when your typical user is "another student in UCLA" and the worst they can steal from you is yesterday's experiment log.
Put another way, it's easy to trust a user if you and they both know that they can be tracked down and face disciplinary action if their behavior was deemed unacceptable.
Moreover: it's easy to trust each other if all you're doing is scientific research, games and pranks. But one day we woke up and found half of the world relying on computing in everything, from business to healthcare to national security. With regular people and regular day-to-day stuff comes regular crime.
> I'm also reminded by a RMS writing (I think it was letter of some sort) campaigning that denying computer lab users root access was oppressive.
There's a reference that may be related to this in the book "Hackers: Heroes of the Computer Revolution" that talks about how Stallman despised passwords and worked to promote more open access to the systems.
At the time, computers were not something everyone used in their daily lives. They were something that was shared. In that context, an administrator denying users of the computer access to pretty important functionality (imagine you couldn't run a debugger on your laptop, or couldn't get root) is anti-user behaviour. Passwords were (at the time) a way to restrict users from being able to access the machine without the administrators permission (since an administrator could remove your login entry -- even if you were physically present at the computer you couldn't do anything).
RMS has said multiple times that technology doesn't change our values, because our values are far too ingrained in order to be changed as something as trivial technology. But different technologies change the outcomes that we judge using our values. The proliferation of the internet and data sharing changes whether or not passwords are a good thing (since they are now used to protect user data from other people, rather than block users from accessing a system they should have the rights to access).
That sounds correct. Although I feel like there might have been expanded version of this story somewhere, but this is definitely where I remember it from.
For posterity, this is bit more canonical source for the piece:
> Sometimes a few of the users try to hold total power over all the rest. For example, in 1984, a few users at the MIT AI lab decided to seize power by changing the operator password on the Twenex system and keeping it secret from everyone else. (I was able to thwart this coup and give power back to the users by patching the kernel, but I wouldn't know how to do that in Unix.)
> However, occasionally the rulers do tell someone. Under the usual su mechanism, once someone learns the root password who sympathizes with the ordinary users, he or she can tell the rest. The "wheel group" feature would make this impossible, and thus cement the power of the rulers.
> I'm on the side of the masses, not that of the rulers. If you are used to supporting the bosses and sysadmins in whatever they do, you might find this idea strange at first.
Knowing "why" doesn't make it feel any better. If anything, it makes it worse, knowing both that all the paranoia is justified and that our systems are not really yet anywhere near something you could comfortably call "secure".
I'm seeing more and more people these days reference the Franklin quote in the context of computing. I've used it myself, and I believe it started gaining in popularity shortly after the rise of Secure Boot. A sign of the times indeed.
That said, I'm all for preventing remote attacks; it's when people start thinking about locking the actual user out of the computer he/she owns that makes me offended.
This bums me out, too. Back in the day, you didn't have to treat all programs and data as hostile, because they weren't. Nowadays the GNU linker whines about calling gets(), but that wasn't a problem, because you knew that a 32-character stack-allocated buffer was big enough to answer a yes-or-no question.
That's fair -- the Morris Worm was an early demonstration that user-hostile software could easily make everyone's life worse. It still sucks that, as modern coders, most of our lives will be spent either producing or defending against hostile software.
The latter. As long as it was bunch of nerds doing nerdy things, nobody cared. As soon as computers started processing things relevant to regular people, the regular people happened, and with them all the incentives for hostile behaviour.
His reasons for doing that aren't related to security, but rather wanting Free Software purity.
Also I don't think his PC is "offline," but rather he does weird things like reading web pages via a script that scrapes the text and emails it to him.
I've actually emailed him about the topic of free software mobile phones. He is against them entirely, even if one was completely free software, because by design they track you using cell towers. He said that if he needs to use a phone he uses land-lines.
I can pull up the email if you like. He's a pretty reasonable guy if you ask him a question, and is surprisingly responsive.
"By 1982, Stallman's aversion to passwords and secrecy had become so well known that users outside the AI Laboratory were using his account as a stepping stone to the ARPAnet, the research-funded computer network that would serve as a foundation for today's Internet.
...
"[When] passwords first appeared at the MIT AI Lab I [decided] to follow my belief that there should be no passwords," Stallman would later say. "Because I don't believe that it's really desirable to have security on a computer, I shouldn't be willing to help uphold the security regime.""
I highly dought that. Most users use Windows and don't even have Anti-Virus/Firewall installed on there computers. Networking hardware is set to defualts. I would argue more computers and servers are unprotected because we have more computers and users online.
I don't think it's so much that people wanted patch to be able to run arbitrary code, but rather that writing your tools to be very flexible allows you to get the functionality you need with very little code. The first version of ctags was written as a shell script that invoked ed to do the heavy lifting, for example. It was a small fraction of the rewrite of ctags in C in later Unixes.
So that's how you end up with m4 being Turing-complete, being able to put shell commands in anything, that sort of thing.
>It's a remnant of a bygone era where people wanted their tools to have this kind of power.
You should still want your tools to have this power.
It's amazing what you can do with tools built like this and how _easy_ it is. People use the same motivation for making microservices, "do one thing well", they just don't think about it for command line utilities and treat shell scripting like a second class citizen.
I personally don't interpret "do one thing, and do it well" to mean "do one small thing, and do it well"; the "one thing" could be as big as a programming language, or a display server, or whatever. Perl's "one thing" would be being a scripting language; it should be a scripting language, and it should be the best scripting language it can be. It just shouldn't also do a bunch of other stuff, like also being an RDBMS.
That philosophy could also be applied recursively; Perl should do just one thing; it should be a good scripting language. The Perl JSON module should just do one thing; it should be a good JSON encoder and decoder. That doesn't mean it should be simple; the JSON module should have as much complexity as necessary to make it a good and useful tool.
I do recognize that my interpretation isn't a great _definition_, because you can construe most things to be UNIX-y if you just expand what "one thing" it should be good at enough, but I do think it's useful to keep in mind when designing something.
That said, I have never written Perl (other than a very tiny amount of Perl 6), and don't know exactly what about it convinced you, but I wouldn't mind a discussion about it if you clarify.
The "do one thing, and do it well" is really misleading, the Unix philosophy cannot be distilled down to a single phrase - this phrase only makes sense if you already understand the ideas (also naming it "philosophy" is kinda misleading too because it doesn't expect everything to follow it, only use it as an ideal for program design that you should strive to follow, but not bind yourself over it and ignore it when it makes sense - a good example for this would be something that does a lot of things that in turn allow programs to follow the Unix philosophy better - like an OS kernel).
The main idea behind the "do one thing" is really composability: by doing one thing, your program can be used to provide the functionality for other programs to form applications. Patch uses ed because it needs to edit text and ed provides the text editing functionality, but ed can also be used interactively or from a shell script or by some other program. This is because ed doesn't care how it is called nor where the commands come from. This isn't enabled by its simplicity, but by its design to be composable: it would be a trivial difference in terms of complexity (and indeed there were similar programs in other systems that did exactly that) to ask the user for a filename upon launching it. But that would only make it useful as an interactive program (which is also why the Unix philosophy warns against captive user interfaces).
Ironically, Microsoft's COM and OLE followed that idea better than anything on the graphical side of Unix ever did (except X11 itself, but few programs ever took advantage of it - the best case would be applications meant to be "swallowed" inside docks - docklets - and panels, but those are very task specific). However there is also something to be said about being simple and COM is anything but simple.
So come up with command line switches to restrict behavior when necessary.
>the power means the tool ends up doing a lot of other things ... not so well.
What I find myself wanting over and over is to do things with software that the developers didn't intend. Maybe using a hammer to mash potatoes is a bad idea, but I don't want the hammer company to make it impossible. Not because I want to shoot myself in the foot, but because preventing me from shooting myself in the foot prevents me from doing a lot of other good things.
> Patch does a good job of patching. There is no reason why it should also have the job of being able to run arbitrary scripts.
It (patch) is not 'run[ning] arbitrary scripts' (ignoring the fact that the actual 'diff' output file is itself a 'script' in a broad sense).
Early versions of diff used to output 'ed' command scripts that would instruct 'ed' how to change one file into another file.
Rather than re-implement all of 'ed' inside of patch, patch simply was written to call 'ed' over a pipe and feed it the input "diff" (in 'ed' format) and let 'ed' handle interpreting the 'ed' script. This in and of itself makes sense. All the 'ed' code for interpreting 'ed' scripts is in 'ed', and enhancements to 'ed' automatically become available to patch and anyone else that calls 'ed' without having to keep plural code bases synchronized. Note that some of this usage may very well have been developed before shared libraries appeared, so there would have been no easy way to share the same 'ed' library among plural tools when there were no shared libraries.
It just so happens that one of ed's commands is a command to execute an arbitrary program. So a carefully crafted diff file can instruct ed to run a program of your choosing.
I'm not sure if I'm reading your comment correctly but i don't think Perl was ever intended to fit the UNIX philosophy. What with TIMTOWTDY being a central tenet.
I thought the acronym ended with an "I", TIMTOWTDI, "there is more than one way to do it".
But I don't know if this is totally anti-unix; there's something more subtle, unix systems try to have a "proper layering" of tools, starting with high-level stuff like compilers and languages, sitting atop utility programs and shell, which ultimately sit on an OS kernel that offers its own similar layering of complexity, with simple and clean primitives at the very bottom (files, sockets, etc).
Working within this ecosystem of OS/libs/tools, you can compose any particular solution in a wide variety of ways, there's usually more than one "right way" to solve a problem. But the pieces you build your solution upon are generally more and more specialized/single-purpose as you move down the stack.
But the author is absolutely right, nowadays we should prefer red. Still a small amount of shame if you're applying untrusted patches.