[CentOS] bash - safely pass untrusted strings?

Tue Feb 26 16:16:59 UTC 2008
Ross S. W. Walker <rwalker at medallion.com>

Benjamin Smith wrote:
> On Tuesday 26 February 2008, Bob Beers wrote:
> > short answer:  single quotes will handle all characters, 
> except single 
> quotes.
> > 
> > long answer:  man bash
> >  the section called QUOTING may help you figure a solution.
> 
> I've read the man page. It helps if I already know the input 
> - I don't have a 
> problem with manually putting slashes in front of spaces and 
> single quotes. 
> But in this case, I don't know the input. It's untrusted data. 
> 
> There is no mechanism for escaping untrusted input?

You could try uuencode/uudecode and handling the uuencoded
strings.

-Ross

______________________________________________________________________
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.