I've found a vulnerability in bash

[Marshall Whittaker]

Software: bash
Version: 5.0.17(1)-release
--- SNIP ---
[marshall@jerkon]{04:09 AM}: [~/bashful] $ touch -- '--version'
[marshall@jerkon]{04:09 AM}: [~/bashful] $ touch a && mkdir b
[marshall@jerkon]{04:09 AM}: [~/bashful] $ ls -l
total 4
-rw-rw-r-- 1 marshall marshall    0 Nov 17 04:09 a
drwxrwxr-x 2 marshall marshall 4096 Nov 17 04:09 b
-rw-rw-r-- 1 marshall marshall    0 Nov 17 04:09 --version
[marshall@jerkon]{04:09 AM}: [~/bashful] $ mv * b
mv (GNU coreutils) 8.30
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <
https://gnu.org/licenses/gpl.html>;;.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by Mike Parker, David MacKenzie, and Jim Meyering.
[marshall@jerkon]{04:09 AM}: [~/bashful] $ rm *
rm (GNU coreutils) 8.30
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <
https://gnu.org/licenses/gpl.html>;;.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by Paul Rubin, David MacKenzie, Richard M. Stallman,
and Jim Meyering.
[marshall@jerkon]{04:09 AM}: [~/bashful] $
--- SNIP ---

This shouldn't happen beacuse you can drop a file and then redirect
other code for example calling a script if you only have access to drop
a file.  Say a cronjob was running every hour, and it did rm * on some
folder, by expansion, you could expand it to -riv or whatever you
wanted and redirect program flow from there, say blocking the removal
of sensitive temporary files.