Beware xargs security holes

Paul John Falstad pfalstad at fish.Princeton.EDU
Sun Oct 21 15:21:03 AEST 1990


>In article <2113 at sixhub.UUCP> davidsen at sixhub.UUCP (bill davidsen) writes:
>>  It *appears* that xenix quotes its arguments in xargs, since I did a
>>small and cautious test and it worked all right. How about testing your

Though as Dan said earlier, even if xargs quotes its arguments, you can
still get in trouble, since find and xargs use a newline as a delimiter for
filenames, and filenames can have newlines in them.

--
Paul Falstad, pfalstad at phoenix.princeton.edu PLink:HYPNOS GEnie:P.FALSTAD
And Dinsdale said, "You've been a naughty boy, Clement," and splits me nostrils
open, and saws me leg off, and pulls me liver out.  And I said, "My name's not
Clement."  And then he loses his temper.  And he nails me head to the floor.
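
The delimiter problem described in the message above, as an added example that is not part of the original post: it counts the arguments a command receives for two real files, one of which has a newline in its name. The function names and sample filenames are constructed for illustration; `-print0` and `-0` are extensions in GNU and BSD find/xargs, and the temporary directory path is assumed to contain no whitespace.

```shell
#!/bin/sh
# Constructed demo: two real files, one with a newline in its name.
# Each function prints the number of arguments the command actually received.

make_demo_dir() {
    dir=$(mktemp -d) || return 1
    : > "$dir/report.txt"
    # Constructed sample: a single file named "notes<newline>report.txt".
    : > "$dir/$(printf 'notes\nreport.txt')"
    printf '%s\n' "$dir"
}

# Newline-delimited pipeline, as in the post: the embedded newline splits one
# name into two arguments, so the command sees 3 names for 2 files.
args_newline() {
    find "$1" -type f | xargs sh -c 'echo $#' sh
}

# NUL-delimited pipeline: NUL cannot occur in a filename, so each name
# arrives intact (assumes find -print0 and xargs -0 are available).
args_nul() {
    find "$1" -type f -print0 | xargs -0 sh -c 'echo $#' sh
}

# No pipeline at all: find hands the names to the command directly,
# so there is no delimiter to get wrong.
args_exec() {
    find "$1" -type f -exec sh -c 'echo $#' sh {} +
}

demo=$(make_demo_dir) || exit 1
echo "newline-delimited: $(args_newline "$demo") arguments"
echo "NUL-delimited:     $(args_nul "$demo") arguments"
echo "find -exec {} +:   $(args_exec "$demo") arguments"
rm -rf "$demo"
```

In the newline-delimited case the second fragment, `report.txt`, is a relative path, so the command would act on whatever file of that name sits in the current directory rather than on the file find reported.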