Re: Strange file -i

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Strange file -i

From:	Stephane Chazelas
Subject:	Re: Strange file -i
Date:	Thu, 5 Mar 2015 20:52:24 +0000
User-agent:	Mutt/1.5.21 (2010-09-15)

2015-03-05 15:20:44 -0500, Chet Ramey:
[...]
> For example, I never do this:
> 
> > $ perl -ne 'print if /foo/' *
> 
> I just use grep directly.

That was just a basic example.

What about:

sed 's/foo/bar/g' *

?

> Or this:
> 
> > rm -- *
[...]

Then, you're in for some bad surprise some day.

You should definitely do that in scripts that you share with
others at least. Not doing it is introducing a security
vulnerability.

sed 's/foo/bar/' *

is OK with non-GNU seds, but with GNU sed (that accepts options
after arguments), it's an arbitrary command execution
vulnerability.

For instance if there's a file called 
-e1s:.*:uname>\&2:e (left there by another cheeky user, some
malware, a dodgy tarball (like bash's that contain a -i file
:-b))

sed s/foo/bar/ *

runs uname for every non-empty file in the directory.

-- 
Stephane

[Prev in Thread]

Current Thread

[Next in Thread]

Strange file -i, Jean Delvare, 2015/03/04
- Re: Strange file -i, Eric Blake, 2015/03/04
  - Re: Strange file -i, John McKown, 2015/03/04
    - Re: Strange file -i, Stephane Chazelas, 2015/03/04
    - Re: Strange file -i, Mike Frysinger, 2015/03/04
    - Re: Strange file -i, Chet Ramey, 2015/03/05
    - Re: Strange file -i, Stephane Chazelas <=
    - Re: Strange file -i, Chet Ramey, 2015/03/05
    - Re: Strange file -i, Mike Frysinger, 2015/03/05
  - Re: Strange file -i, Jean Delvare, 2015/03/04

Prev by Date: Re: Strange file -i
Next by Date: Re: Strange file -i
Previous by thread: Re: Strange file -i
Next by thread: Re: Strange file -i
Index(es):
- Date
- Thread