Beware xargs security holes

Engbert Gerrit IJff engbert at cs.vu.nl
Wed Oct 31 01:22:23 AEST 1990


In article <303 at cadlab.sublink.ORG>,
	staff at cadlab.sublink.ORG (Alex Martelli) writes:
) bhoughto at cmdnfs.intel.com (Blair P. Houghton) writes:
) 	...
) >>find / -name '#*' -print | egrep -v '.*/#[^/]*' | xargs rm -f --
) >Lose the -v, dimwit.
) 
) Won't "egrep '/#'" pass EXACTLY the same lines as "egrep '.*/#[^/]*'"???
) After all, it's not as if the RE had to match ALL of the incoming line!
) Yours for simpler, more regular expression of Regular Expressions...

Yes, you're right. However, if I am right, the original intention
was to delete files whose names started with the # character.
Shouldn't it be "egrep '/#[^/]*$'" then, to check on the basename?
							   ^
Bert IJff
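
Added example, not part of the original post: the three patterns discussed in this thread, run over a constructed list of paths to show which lines each one lets through to rm. grep -E stands in for egrep; the function names and the sample paths are assumptions made for the illustration.

```shell
#!/bin/sh
# Constructed sample input: lines such as a find | egrep stage might see.
# Two are files whose basename starts with '#', one is a file inside a
# directory whose name starts with '#', two contain no "/#" at all.
sample_paths() {
    cat <<'EOF'
/home/al/#draft#
/tmp/#scratch
/tmp/#cache/keep.db
/etc/passwd
/var/tmp/notes#1
EOF
}

# The patterns from the thread.
match_long()     { grep -E '.*/#[^/]*'; }   # original RE, without -v
match_short()    { grep -E '/#'; }          # simplified RE
match_basename() { grep -E '/#[^/]*$'; }    # RE anchored to the last component

# Lines that the named filter accepts but the basename-anchored RE rejects,
# i.e. paths that would reach rm although the file name itself has no
# leading '#'.
extra_over_basename() {
    sample_paths | "$1" | grep -E -v '/#[^/]*$'
}

# Show what each filter passes on.
for f in match_long match_short match_basename; do
    printf '%s passes:\n' "$f"
    sample_paths | "$f" | sed 's/^/    /'
done
```

The unanchored patterns accept `/tmp/#cache/keep.db` because "/#" occurs in a directory component; only the `$`-anchored pattern restricts the match to the basename.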
