Beware xargs security holes
Dan Bernstein
brnstnd at kramden.acf.nyu.edu
Tue Oct 16 04:22:12 AEST 1990
In article <271653D6.1CE8 at tct.uucp> chip at tct.uucp (Chip Salzenberg) writes:
> According to lml at cbnews.att.com (L. Mark Larsen):
> >I never much cared for xargs since it limits you to an argument list of
> >only 470 bytes.
> For the most common use of xargs -- "find ... | xargs command" -- the
> script below, called "many", does a good job. Since it doesn't spawn
> a subshell, it isn't prone to metacharacter-caused security problems.
But it's still susceptible to filenames with carriage returns, and will
be until find has a -print0 option. Please, please, please don't claim
that your xargs is by any means secure when a standard command like
find / -name '#*' -atime +7 -print | xargs rm
lets a malicious user remove every file on the system. Maybe it's
unreasonable of me to want others to live up to my standard of security,
but in my eyes no \n-parsing xargs qualifies as ``a good job.'' Sorry.
---Dan
More information about the Comp.unix.shell
mailing list