[CentOS] bash - safely pass untrusted strings?
Garrick Staples
garrick at usc.edu
Tue Feb 26 18:56:56 UTC 2008
On Tue, Feb 26, 2008 at 12:45:41PM -0600, Les Mikesell alleged:
> Garrick Staples wrote:
>
> >>How many "homebrew" ISP or hosting administration scripts could be
> >>compromised by simply putting a file in your home directory called ";rm
> >>-rf /" ?
> >
> >It's not as bad as you think because of the order of operations.
> >
> >In all cases, these perform exactly as a string should regardless of inner
> >characters.
>
> He's probably thinking of a scripted operation that does a
> find . -print |xargs some_command
> (without print0) or a backtick or $(..) generated expansion. A lot of
Yes, so was I. That's why I had some examples of string with quotes being
evaluated by the shell.
> the usefulness of the shell happens because you can generate and reparse
> text programmatically and have it become commands - and a side effect is
> that metacharacters that appear in the text get processed even if they
> aren't what you expected. I think it is kind of silly that common shell
> metacharacters are permitted in filenames, but there's not much you
> can do about it now.
My point is that the problem isn't actually all that bad. Just like all
languages, you have to know what you are doing.
--
Garrick Staples, GNU/Linux HPCC SysAdmin
University of Southern California
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
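The two fragile patterns Les names above, `find . -print | xargs` without
print0 and an unquoted `$(..)` expansion, shown next to their NUL-safe forms.
This is an added example written for this page, not code from the thread; it
assumes a POSIX shell and a find/xargs pair that supports `-print0`/`-0` (GNU
findutils, as on CentOS). The filenames it creates are constructed for the
demonstration and are harmless, but they carry the characters that trip the
unsafe form: whitespace, a leading dash, a glob character and a newline.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes a POSIX shell plus a find/xargs
# pair that supports -print0 / -0 (GNU findutils, as shipped on CentOS).

# Constructed fixture: a scratch directory holding filenames that exercise the
# failure modes discussed above (whitespace, a leading dash, a glob character,
# and an embedded newline). Returns the directory path on stdout.
make_fixture() {
    dir=$(mktemp -d) || return 1
    nl=$(printf '\n.'); nl=${nl%.}   # a literal newline, kept by the '.' trick
    : > "$dir/plain.txt"
    : > "$dir/with space.txt"
    : > "$dir/-n"                     # looks like an option to most commands
    : > "$dir/star*.txt"              # contains a glob metacharacter
    : > "$dir/line1${nl}line2.txt"    # contains a newline
    printf '%s\n' "$dir"
}

# UNSAFE: the unquoted $(...) expansion is word-split on whitespace (including
# the newline inside a name) and then globbed, so the loop sees word fragments
# rather than filenames. On the fixture it counts 7 words for 5 files.
count_unsafe() {
    n=0
    for f in $(find "$1" -type f -print); do
        n=$((n + 1))
    done
    echo "$n"
}

# SAFE: NUL-delimited output is handed to xargs -0, so each filename arrives as
# exactly one argument whatever bytes it contains; the inner shell reports how
# many arguments it received. On the fixture it counts 5.
count_safe() {
    find "$1" -type f -print0 | xargs -0 sh -c 'printf "%s\n" "$#"' sh
}

# SAFE per-file work without xargs: -exec passes each name as one argument, and
# "--" stops wc from treating the file named "-n" as an option.
safe_sizes() {
    find "$1" -type f -exec sh -c 'for f do wc -c -- "$f"; done' sh {} +
}

# Usage: sh this_script.sh demo
if [ "${1-}" = demo ]; then
    d=$(make_fixture)
    echo "unsafe word count: $(count_unsafe "$d")"
    echo "safe file count:   $(count_safe "$d")"
    safe_sizes "$d"
    rm -rf -- "$d"
fi
```

The point of the two counts is that quoting alone does not rescue the
line-based form: a name containing a newline is already two "lines" by the
time `find -print` has emitted it, so only the NUL-delimited channel (or
`-exec`, which never serialises the names at all) preserves the boundary.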