shell variable security
Miner, Jonathan W (CSC) (US SSA)
jonathan.w.miner at baesystems.com
Wed Oct 3 16:43:52 UTC 2007
> We have all heard about security problems with shell variables
Can someone post a test case that exploits this? While I understand the issue that the OP addressed, I can't seem to write a shell script that exploits this. Take this sample script:
while read line; do
    foo=`echo $line`
    echo $foo
done
If I run it and enter something like "Jon; date" it just echoes it back. The date command does not get executed. If I run the script with the -x argument, it looks like this:
$ bash -x x.sh
+ read line
Jon; date
++ echo 'Jon;' date
+ foo='Jon; date'
+ echo 'Jon;' date
Jon; date
+ read line
It looks like the shell is putting single quotes around the ';'. I really believe that what the OP asked about is a problem, I just can't seem to generate a test case that illustrates it.
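Added example (not part of the original message or its author's code): the shell recognises `;` when it parses the script, before variables are expanded, so the value of an unquoted variable is only field-split and glob-expanded; it is treated as a command line only if it is handed to `eval`. The script below measures each case with constructed inputs; all function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. All inputs are constructed.

# Unquoted expansion, as in the posted loop: the value is field-split,
# but never re-parsed as shell syntax, so ';' stays ordinary data.
count_words_unquoted() {
    set -f          # globbing off, so only field splitting is measured
    set -- $1       # deliberately unquoted
    set +f
    echo "$#"
}

# Pathname expansion is the side effect the posted loop does have:
# an input of '*' becomes the names of the files in the current directory.
expand_unquoted_in_dir() {
    ( cd "$1" && set -- $2 && echo "$#" )
}

# eval re-parses the expanded text as a command line; only here does ';'
# act as a command separator. Prints the number of output lines produced.
lines_with_eval() {
    eval "echo $1" | wc -l | tr -d ' '
}

# Hardened form: quote the expansion and never pass input to eval.
lines_quoted() {
    printf '%s\n' "$1" | wc -l | tr -d ' '
}

demo() {
    input='Jon; date'   # constructed, same text as typed in the post
    dir=$(mktemp -d) && touch "$dir/a" "$dir/b" "$dir/c"
    echo "words after unquoted expansion: $(count_words_unquoted "$input")"
    echo "words from unquoted '*':        $(expand_unquoted_in_dir "$dir" '*')"
    echo "output lines via eval:          $(lines_with_eval "$input")"
    echo "output lines when quoted:       $(lines_quoted "$input")"
    rm -rf "$dir"
}
demo
```

The single quotes in the `-x` trace are xtrace's way of displaying a word that contains `;`; they are not added to the data.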