On Wed, 2007-10-03 at 15:15 +0000, tony.chamberlain@xxxxxxxxx wrote: > I have to write some BASH scripts. > > We have all heard about security problems with shell variables > > (i.e. when entering a name someone enters something like "Tony; rm > -rf /root/*" ) > > so that if the BASH scripts echoes it will will do something like echo > Tony; rm -rf /root/*. Why do you have the permissions on your root directory and its contents that an ordinary user can erase? -- ======================================================================= A pickup with three guys in it pulls into the lumber yard. One of the men gets out and goes into the office. "I need some four-by-two's," he says. "You must mean two-by-four's" replies the clerk. The man scratches his head. "Wait a minute," he says, "I'll go check." Back, after an animated conversation with the other occupants of the truck, he reassures the clerk, that, yes, in fact, two-by-fours would be acceptable. "OK," says the clerk, writing it down, "how long you want 'em?" The guy gets the blank look again. "Uh... I guess I better go check," he says. He goes back out to the truck, and there's another animated conversation. The guy comes back into the office. "A long time," he says, "we're building a house". ======================================================================= Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@xxxxxxxxxxxxx
