[CentOS] bash - safely pass untrusted strings?
Les Mikesell
lesmikesell at gmail.com
Tue Feb 26 18:45:41 UTC 2008
Garrick Staples wrote:
>> How many "homebrew" ISP or hosting administration scripts could be compromised
>> by simply putting a file in your home directory called ";rm -rf /" ?
>
> It's not as bad as you think because of the order of operations.
>
> In all cases, these perform exactly as a string should regardless of inner
> characters.
He's probably thinking of a scripted operation that does a
find . -print |xargs some_command
(without print0) or a backtick or $(..) generated expansion. A lot of
the usefulness of the shell happens because you can generate and reparse
text programmatically and have it become commands - and a side effect is
that metacharacters that appear in the text get processed even if they
aren't what you expected. I think it is kind of silly that common shell
metacharacters are permitted in filenames, but there's not much you
can do about it now.
--
Les Mikesell
lesmikesell at gmail.com
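The `find -print | xargs` hazard described above, as an added bash example that is not part of the original thread: it creates constructed filenames (one with a space, one with a newline) in a scratch directory and counts how many arguments each pattern actually delivers to the command.

```bash
#!/bin/bash
# Added example (not from the thread). Compares how many arguments reach a
# command when filenames contain whitespace: the newline-delimited pipeline
# splits them, while -print0/-0 and -exec ... {} + pass them intact.
set -u

# Build a scratch directory with three constructed files, two of whose names
# contain characters that break whitespace-based splitting.
make_fixture() {
    local dir
    dir=$(mktemp -d)
    : > "$dir/plain.txt"
    : > "$dir/has space.txt"
    : > "$dir/has"$'\n'"newline.txt"
    printf '%s' "$dir"
}

# Unsafe pattern from the thread: xargs re-tokenises its input on blanks and
# newlines (and also interprets quotes and backslashes), so one filename can
# become several arguments that name files which do not exist.
count_args_unsafe() {
    find "$1" -type f -print | xargs sh -c 'echo "$#"' _
}

# Safe variant: NUL-delimited names, which no filename can contain.
count_args_safe() {
    find "$1" -type f -print0 | xargs -0 sh -c 'echo "$#"' _
}

# Equally safe without xargs: find builds the argument list itself.
count_args_exec() {
    find "$1" -type f -exec sh -c 'echo "$#"' _ {} +
}

cleanup_fixture() {
    rm -r -- "$1"
}

# Stand-alone demo: 3 files on disk, but the unsafe pipeline sees 5 arguments.
if [ "${DEMO:-1}" = 1 ]; then
    d=$(make_fixture)
    echo "unsafe -print | xargs : $(count_args_unsafe "$d") args"
    echo "safe   -print0 | -0   : $(count_args_safe "$d") args"
    echo "safe   -exec {} +     : $(count_args_exec "$d") args"
    cleanup_fixture "$d"
fi
```

Set `DEMO=0` to source the functions without running the demo.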