[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: I've found a vulnerability in bash
From: |
Kerin Millar |
Subject: |
Re: I've found a vulnerability in bash |
Date: |
Fri, 19 Nov 2021 14:05:00 +0000 |
(Copying the list back in ...)
On Fri, 19 Nov 2021 07:19:29 -0500
Marshall Whittaker <marshallwhittaker@gmail.com> wrote:
> Though I do disagree with you, this is the only message in this thread that
> even makes sense.
Firstly, rm * is a valid - albeit unsafe - simple command, and one that is
easily rectified. Secondly, the manner in which * expands is in accordance with
the documented behaviour. Thirdly, the manner in which simple commands are
processed is in accordance with the documented behaviour. In the event that you
can falsify the second and/or third of these assertions, then - and only then -
will you have discovered a bug in bash.
As far as I can tell, your contention is that the default mode of pathname
expansion should be changed in order to paper over the first point. Very well.
Let's consider what would happen if, say, GLOBIGNORE=".*:-*" were to be a
default.
* bash would violate POSIX [1]
* bash would be incompatible with other shells on this point
* existing scripts would change their behaviour and/or break (note: file names
beginning with a dash are perfectly legal)
* the behavioural change would not conclusively address the issue
What do I mean by not addressing the issue? Fundamentally, the issue is one of
passing unsanitised input to an program, with the input taking the form of an
argument vector. Programs are free to act upon their arguments in whatever way
they see fit. While it may be common for argument beginning with a dash to
denote an option, this is by no means a cast-iron rule. If the words produced
by the expansion of a glob be arbitrary in nature, it is your responsibility to
understand how to convey them safely to a given program. In many cases,
assuming that responsibility turns out not to be overly hard. The point is that
it is beyond the purview of the shell.
[1]
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_13
--
Kerin Millar
- I've found a vulnerability in bash, Marshall Whittaker, 2021/11/17
- Re: I've found a vulnerability in bash, Greg Wooledge, 2021/11/17
- Re: I've found a vulnerability in bash, Alex fxmbsw7 Ratchev, 2021/11/17
- Re: I've found a vulnerability in bash, Ilkka Virta, 2021/11/17
- Re: I've found a vulnerability in bash, Chet Ramey, 2021/11/17
- Re: I've found a vulnerability in bash, Marshall Whittaker, 2021/11/19
- Re: I've found a vulnerability in bash, Alex fxmbsw7 Ratchev, 2021/11/19
- Re: I've found a vulnerability in bash, Kerin Millar, 2021/11/19
- Message not available
- Re: I've found a vulnerability in bash,
Kerin Millar <=
- Re: I've found a vulnerability in bash, Marshall Whittaker, 2021/11/19
- Re: I've found a vulnerability in bash, Kerin Millar, 2021/11/19
- Re: I've found a vulnerability in bash, Eric Blake, 2021/11/19
- Re: I've found a vulnerability in bash, Kerin Millar, 2021/11/19
- Message not available
- Re: I've found a vulnerability in bash, Kerin Millar, 2021/11/19
- Re: I've found a vulnerability in bash, Robert Elz, 2021/11/19
- Re: I've found a vulnerability in bash, Ilkka Virta, 2021/11/19