Beware xargs security holes
Ole Nomann Thomsen
nomann at rimfaxe.diku.dk
Wed Oct 24 01:07:16 AEST 1990
davidsen at sixhub.UUCP (Wm E. Davidsen Jr) writes:
> It *appears* that xenix quotes its arguments in xargs, since I did a
>small and cautious test and it worked all right. ...
No:
touch "foo bar"
find . -type f -print | xargs ls -l
# Produces:
./foo not found
bar not found
...
# ["ls -l"s deleted]
# on Xenix 2.3.2 .
- Ole. (nomann at diku.dk).
"Information is not knowledge" - Frank Zappa.
More information about the Comp.unix.shell
mailing list