Re: Bash Bug

[drow () FALSE ORG (Daniel Jacobowitz)]

On Fri, Apr 23, 1999 at 12:02:57AM +0300, Guy Cohen wrote:
> Unfortunately this is not true. here is why:
> rush:/tmp> bash --version
> GNU bash, version 2.03.0(1)-release (i586-pc-linux-gnu)
> Copyright 1998 Free Software Foundation, Inc.
> rush:/tmp> bash
> bash-2.03$ echo $PS1
> \s-\v\$
> bash-2.03$ cat ~/.rhosts
> cat: /export/home/guy/.rhosts: No such file or directory
> bash-2.03$ mkdir "\ `echo -e \ "echo + +> ~\57.rhosts\ " > x; source x; rm -f \x\ ` "
> bash-2.03$ cd \\\ \ /
> bash-2.03$ cat /export/home/guy/.rhosts\
> + +
> sh-2.03$

That's a quoting error.  Look at the mkdir command you typed, and
observe that the backticks are not escaped - thus even inside of ""
they are evaluated.

Witness:

$ ls /drow/.rh*
ls: /drow/.rh*: No such file or directory
$ echo $PS1
\$
$ mkdir "\ `echo -e \ "echo + +> ~\57.rhosts\ " > x; source x; rm -f \x\ ` "
$ ls /drow/.rhosts\
/drow/.rhosts


It doesn't even get .rhosts right - there's a space at the end.  You
told bash to make the directory:
  `echo -e \ "echo + +> ~\57.rhosts\ " > x; source x; rm -f \x\ `

Dan

/--------------------------------\  /--------------------------------\
|       Daniel Jacobowitz        |__|     CMU, CS class of 2002      |
|   Debian GNU/Linux Developer    __   Part-Time Systems Programmer  |
|         dan () debian org         |  |        drow () cs cmu edu         |
\--------------------------------/  \--------------------------------/