Beware xargs security holes
Ian! D. Allen [CGL]
idallen at watcgl.waterloo.edu
Tue Oct 9 16:09:54 AEST 1990
So you like to use this:
find . -type f -print | xargs rm -f
Interesting things happen here under some versions of xargs if you
have files with odd names that look like command lines, such as:
echo hi >"foo ; rm -rf /"
Since some versions of xargs (or programs of similar function, such as
"apply") use a shell to execute the indicated command, the shell parses
the file name, splits on the ";", and executes the following part of the
file name as another command, with potentially exciting results:
rm -f foo ; rm -rf /
Even versions that don't use a shell to run the command often split on
blanks, causing file names to match things you don't intend:
touch foo bar
echo hi >"foo bar"
echo "foo bar" | xargs rm
The above example removes files "foo" and "bar" on Ultrix 3.1C. File
"foo bar" (which might have been the result of a "find") is not touched.
So be VERY CAREFUL using xargs and friends!
--
-IAN! (Ian! D. Allen) idallen at watcgl.uwaterloo.ca idallen at watcgl.waterloo.edu
[129.97.128.64] Computer Graphics Lab/University of Waterloo/Ontario/Canada
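The splitting hazard described in the post still reproduces with a present-day xargs. The script below is an added example, not part of the original message: it builds a scratch directory with files "foo", "bar" and "foo bar", shows the newline-delimited pipeline deleting the wrong two files, and then shows the two usual fixes. It assumes a POSIX sh, a find and xargs that support -print0 and -0 (GNU findutils and the BSDs do), and a writable TMPDIR; the file names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original post: reproduce the xargs word-splitting
# hazard with a present-day xargs and show two fixes. Assumes a POSIX sh plus a
# find/xargs that support -print0/-0 (GNU findutils and the BSDs do) and a
# writable TMPDIR. File names below are constructed for the demonstration.
LC_ALL=C
export LC_ALL

# Build a scratch directory containing "foo", "bar" and "foo bar".
make_fixture() {
    d=$(mktemp -d "${TMPDIR:-/tmp}/xargs-demo.XXXXXX") || return 1
    touch "$d/foo" "$d/bar" "$d/foo bar" || return 1
    printf '%s\n' "$d"
}

# Report which files survive in $1 as a '|'-joined, glob-sorted list,
# then discard the scratch directory.
survivors() {
    out=
    for f in "$1"/*; do
        [ -e "$f" ] || continue
        out="${out}${out:+|}${f##*/}"
    done
    rm -rf "$1"
    printf '%s' "$out"
}

# Unsafe: the intent is to delete only "foo bar", but xargs splits the
# newline-terminated name on the blank and runs:  rm -f foo bar
demo_unsafe() {
    d=$(make_fixture) || return 1
    ( cd "$d" && printf '%s\n' "foo bar" | xargs rm -f )
    survivors "$d"
}

# Fix 1: NUL-terminate names with find -print0 and read them with xargs -0.
# NUL cannot occur in a path name, so no splitting or quote parsing happens.
demo_safe_print0() {
    d=$(make_fixture) || return 1
    ( cd "$d" && find . -type f -name 'foo bar' -print0 | xargs -0 rm -f )
    survivors "$d"
}

# Fix 2 (pure POSIX): let find run the command itself; "{} +" batches
# arguments the way xargs does but never re-parses them.
demo_safe_exec() {
    d=$(make_fixture) || return 1
    ( cd "$d" && find . -type f -name 'foo bar' -exec rm -f {} + )
    survivors "$d"
}

printf 'xargs rm (unsafe) : remaining %s\n' "$(demo_unsafe)"
printf 'xargs -0          : remaining %s\n' "$(demo_safe_print0)"
printf 'find -exec {} +   : remaining %s\n' "$(demo_safe_exec)"
```

Run with `sh xargs-demo.sh`: the unsafe pipeline leaves only "foo bar" behind (it removed "foo" and "bar", exactly the Ultrix behaviour the post describes), while both fixes leave "bar" and "foo" and remove only "foo bar". The -0 form is the one to reach for whenever xargs is involved, because without it xargs also treats blanks, newlines, quotes and backslashes in its input as syntax rather than as part of a name.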