== Implicit generalized _open()_'s are dangerous

A number of languages have _open()_ functions that are generalized by
default; they open more than plain files, sometimes far more.  Such
functions are dangerous bear traps lying in wait for the unwary and
insufficiently paranoid, because what the programmer thinks is a simple
file open may be something very different and more dangerous. In
turn, this means that all an attacker needs to do is find [[some way
../web/PermissiveWebApps]] to supply a 'file name' that your program
will try to open.

There's two core problems: the generality is implicit, not explicit, and
it is in what you use for a common case that neither needs nor wants the
generality. This means that the full potential of what the code can do
is not immediately obvious when you read (or write) '_open(filename)_',
and that you will be writing it a lot. Adding to the problem is that
this is a hard mistake to notice. Your code works; it just has extra
'features' that you don't actually want.

(Even if there is a way to be explicit, people are lazy and sooner or
later someone is going to use the implicit way when they shouldn't have.)

As you may have gathered, I don't particularly like such _open()_s; I
feel that they are a prime example of an error-prone interface.