Re: procmail

[casper () HOLLAND SUN COM (Casper Dik)]

> On Mon, 21 Jul 1997 16:50:56 +0200, Casper Dik wrote:
> > Shells will not honor meta characters inside variables.
> >
> > The shell will first parse (the phase in which meta chacretsr and keywords
> > are detected) and only then will it do variabel substitution.
> >
> > Then it'll split stuff in words and only then wildcard expansion is done.
>
> There's some weird effect with tcsh (I don't know if that's standard csh
> behavior). When your shell script does a `set foo=$1' and the first
> argument is "xx PATH=~ftp/incoming:/usr/bin:/bin" it will do two
> simultaenous variable assignments, and thus overwrite the PATH variable
> with the string the attacker specified.
>
> Not sure if that qualifies as metacharacter expansion, but it's definitely
> scary:-) Metamail had this problem, fwiw.


Most likely because Csh/Tcsh variabel assignments are treated different
from sh assignment (which are part of the syntax; in csh/tcsh they're
part of the command language)

in Csh/tcsh you must quote the assignment.

The worst thing csh/tcsh do, however, is an "eval" on the variable that
are imported to local variables (HOME->hoem, TERM-> term PATH->path, etc)

So any set-uid/set-gid C-shell script or a C-shell script "captive" login;
they're all easily broken.

This is fixed in later tcsh revisions.

There are simply too many weird things in tcsh/csh to use them as a scripting
language for scritps otehr than .login/.cshrc etc.

Casper