Vulnerability Development mailing list archives
Re: ls bug.
From: Chris Faulhaber <jedgar () fxp org>
Date: Fri, 15 Feb 2002 08:58:00 -0500
On Fri, Feb 15, 2002 at 08:27:38AM +0200, Ehud Tenenbaum wrote:
Greetings,
...
ls reading flags from filename which might lead to root backdoor as a concept, i.e. cat >-ls;id and the wait for root to ls * .
The problem is your shell is expanding the '*' before ls(1) is called so ls(1) sees: ls -ls <your files here> ... Try adding a '--' before the '*': $ ls -- * which should give you the correct output. -- Chris D. Faulhaber - jedgar () fxp org - jedgar () FreeBSD org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org
Attachment:
_bin
Description:
Current thread:
- ls bug. Ehud Tenenbaum (Feb 15)
- Re: ls bug. Chris Faulhaber (Feb 15)
- Re: ls bug. Blue Boar (Feb 15)
- <Possible follow-ups>
- Re: ls bug. Ehud Tenenbaum (Feb 15)
- Re: ls bug. Crist J. Clark (Feb 16)
- Re: ls bug. Wodahs Latigid (Feb 15)