Vulnerability Development mailing list archives
Re: Unix * weirdness
From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Sat, 1 Jan 2000 19:39:10 -0800
at least with GNU rm (and i'm assuming all other versions have a similar method), you can use rm -- -proc, but you could have also done rm ./-proc (or in this case, rm -R ./*).
I got a lot of replies suggesting these two methods. I believe I tried single-quoting the filename too, but that didn't work, which surprised me.
    # rm '-test'
    rm: illegal option -- t
    rm: illegal option -- e
    rm: illegal option -- s
    rm: illegal option -- t
    usage: rm [-fiRr] file ...
    # rm \-test
    rm: illegal option -- t
    rm: illegal option -- e
    rm: illegal option -- s
    rm: illegal option -- t
    usage: rm [-fiRr] file ...
All arguments will be prefixed with /tmp/ in this case, thus negating the effect. No vulnerability.
How about if there's a space in front?
Yes, but it won't matter; when it's expanded by the shell they will be passed as if they were quoted.
That's what I wanted to know. So why does the shell escape those, and not the - ? Why can't I single-quote around or manually escape the - ? (using /bin/sh in my examples.) Someone know the section of shell source code that does this part off of the top of their head?
You need to learn more about how shell expansion and 'rm' work :)
Hmm.. I just did. :) Based on the number of responses I got, I owe everyone an apology for posting a stupid question. You all get a stupid question point.
I also apologize for so heavily moderating this thread.. lots of you posted replies, but there were also lots of dups. I generally used the reply that got here first, or explained the point best IMO. If you had an interesting point that someone else didn't cover, and I didn't send your post through, please re-post and point that out to me.
I'll go away for a while now, and see what default scripts I can find that use * in stupid ways. :)
BB
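The behaviour discussed in this message, as an added example that is not part of the original post: quoting and escaping are consumed by the shell before rm runs, so rm still sees an argument starting with "-", while "--" and a "./" prefix change what rm actually receives. The function names show_argv and try_remove are hypothetical, and the file "-test" is constructed inside a throwaway mktemp directory.

```shell
#!/bin/sh
# Added demo (constructed): everything happens in throwaway mktemp directories.

# Print each argument exactly as a program receives it in argv.
show_argv() {
    for a in "$@"; do printf '[%s]\n' "$a"; done
}

# try_remove STRATEGY: build a scratch dir holding a file named "-test",
# run rm with the given spelling, return 0 only if "-test" is gone.
try_remove() {
    dir=$(mktemp -d) || return 2
    (
        cd "$dir" || exit 2
        : > ./-test
        case $1 in
            quoted)   rm '-test' ;;   # shell strips the quotes: rm gets -test
            escaped)  rm \-test ;;    # same: the backslash is gone before exec
            glob)     rm * ;;         # expands to the bare name -test
            dashdash) rm -- -test ;;  # -- ends option parsing
            dotslash) rm ./-test ;;   # argument no longer starts with -
            dotglob)  rm ./* ;;       # every expanded name starts with ./
        esac 2>/dev/null || :
        [ ! -e ./-test ]
    )
    status=$?
    rm -rf -- "$dir"
    return "$status"
}

# All three spellings reach the program as the same argv entry.
show_argv '-test' \-test -test
for s in quoted escaped glob dashdash dotslash dotglob; do
    if try_remove "$s"; then echo "$s: removed"; else echo "$s: still there"; fi
done
```

For scripts that pass * to a command, the same two fixes apply: write ./* instead of *, or put -- before the expanded names when the command supports it.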