Bugtraq mailing list archives

Re: textcounter.pl (alternate fix)


From: sreid () ALPHA SEA-TO-SKY NET (Steve Reid)
Date: Thu, 25 Jun 1998 12:32:31 -0700


> The fix I present has the undesirable result that it means the user can
> create files with dangerous file names - the file gets created, and then
> someone comes along and does a "rm *", and that filename with a pipe
> character and evil command executes.

That shouldn't be a problem. Most (all?) shells will escape
metacharacters when expanding wildcards. If it doesn't, it could be
considered a bug in the shell.

What you _do_ have to worry about is filenames that look like options to
rm. If someone creates a file called "-Rf", doing an "rm *" could wipe
out subdirectories.
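
The behaviour discussed in this thread, reproduced in a scratch directory. This is an added example, not part of the original post: the file names and function names are constructed, and `./*` and `--` are the standard ways to keep a glob result from being parsed as options.

```shell
#!/bin/sh
# Added example: every file name below is constructed, inside a mktemp dir.

# Build a scratch directory holding the two kinds of names from the thread.
make_scratch() {
    d=$(mktemp -d) || return 1
    mkdir "$d/subdir" && : > "$d/subdir/keep"
    : > "$d/-Rf"                     # looks like options to rm
    : > "$d/| touch pipe_was_run"    # pipe character followed by a command
    : > "$d/plain.txt"
    printf '%s\n' "$d"
}

# List entries that a bare glob would hand to a command as options.
optionlike_names() {
    ( cd "$1" || exit 1
      for f in *; do case $f in -*) printf '%s\n' "$f" ;; esac; done )
}

# "rm *" as typed. The glob becomes literal arguments; C collation puts -Rf first.
rm_star() {
    ( cd "$1" || exit 1
      LC_ALL=C; export LC_ALL
      rm * 2>/dev/null || true )
}

# Same removal with names anchored to ./ ("rm -- *" works the same way).
rm_star_safe() {
    ( cd "$1" || exit 1
      rm ./* 2>/dev/null || true )   # subdir is refused: no -R reached rm
}

# Report which of the interesting entries exist afterwards.
survivors() {
    out=
    if [ -e "$1/-Rf" ]; then out="$out dashfile"; fi
    if [ -d "$1/subdir" ]; then out="$out subdir"; fi
    if [ -e "$1/pipe_was_run" ]; then out="$out pipe_was_run"; fi
    printf '%s\n' "${out# }"
}

a=$(make_scratch); rm_star "$a"
b=$(make_scratch); rm_star_safe "$b"
echo "rm *   leaves: $(survivors "$a")"   # dashfile
echo "rm ./* leaves: $(survivors "$b")"   # subdir
rm -rf -- "$a" "$b"
```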


