[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential Bash Script Vulnerability
From: |
Martin D Kealey |
Subject: |
Re: Potential Bash Script Vulnerability |
Date: |
Tue, 9 Apr 2024 10:42:58 +1200 |
On Mon, 8 Apr 2024 at 01:49, Kerin Millar <kfm@plushkava.net> wrote:
> the method by which vim amends files is similar to that of sed -i.
>
I was about to write "nonsense, vim **never** does that for me", but then I
remembered that using ":w!" instead of ":w" (or ":wq!" instead of ":wq")
will write the file as normal, but if that fails, it will attempt to remove
it and create a new one. Ironically, that's precisely one of the cases
where using "sed -i" is a bad idea, but at least with vim you've already
tried ":w" and noticed that it failed, and made a considered decision to
use ":w!" instead.
Except that nowadays many folk always type ":wq!" to exit vim, and never
put any thought into this undesirable side effect.
I put that in the same bucket as using "kill -9" to terminate daemons, or
liberally using "-f" or "--force" in lots of other places. Those are bad
habits, since they override useful safety checks, and I recommend making a
strenuous effort to unlearn such patterns. Then you can use these stronger
versions only when (1) the soft versions fail, and (2) you understand the
collateral damage, and (3) you've thought about it and decided that it's
acceptable in the particular circumstances.
-Martin
PS: I've never understood the preference for ":wq" over "ZZ" (or ":x"); I
want to leave the modification time unchanged if I don't edit the file.
- Re: Potential Bash Script Vulnerability, (continued)
- Re: Potential Bash Script Vulnerability, admin, 2024/04/08
- Message not available
- Re: Potential Bash Script Vulnerability, Oğuz, 2024/04/08
- Message not available
- Re: Potential Bash Script Vulnerability, Robert Elz, 2024/04/08
- Re: Potential Bash Script Vulnerability, Oğuz, 2024/04/08
- Re: Potential Bash Script Vulnerability, Robert Elz, 2024/04/08
- Re: Potential Bash Script Vulnerability, Oğuz, 2024/04/08
Re: Potential Bash Script Vulnerability,
Martin D Kealey <=
Re: Potential Bash Script Vulnerability, Chet Ramey, 2024/04/08