[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Strange file -i
|
From: |
Stephane Chazelas |
|
Subject: |
Re: Strange file -i |
|
Date: |
Wed, 4 Mar 2015 23:07:55 +0000 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
2015-03-04 09:25:46 -0600, John McKown:
> On Wed, Mar 4, 2015 at 7:43 AM, Eric Blake <eblake@redhat.com> wrote:
> > On 03/04/2015 01:44 AM, Jean Delvare wrote:
> >> Hi Chet,
> >>
> >> Did you really intend to create an empty file named "-i" in
> >> http://git.savannah.gnu.org/cgit/bash.git/diff/?id=43aebe922bc2a614c410e282fdf772e063454168
> >> ?
> >
> > Yes: https://lists.gnu.org/archive/html/bug-bash/2014-07/msg00075.html
>
> Oh, wow, man! That is like, so totally awesome. [grin]. Sorry for
> being silly, but I absolutely _love_ this and I am going to adopt it
> for some of my subdirectories which contain "important" (at least to
> me) files.
[...]
I wouldn't.
$ echo test > test
$ echo foo > test2
$ touch ./-i
$ perl -ne 'print if /foo/' *
$ cat test
$ # OOPS
That perl command (intended as grep -h foo *) ended up removing
all the lines that didn't contain "foo" in all the non-hidden
files (except "-i") in the current directory.
(same (even worse) with GNU sed).
That "trick" is basically exploiting a vulnerability in your
command line.
You should write:
rm -- *
Or
rm ./*
To avoid filenames being taken as options.
Note that only GNU utilities (or utilities using GNU getopt
without enforcing standard mode) accept options after arguments.
In other implementations (or when the POSIXLY_CORRECT env var is
set).
rm foo -i
Would remove "foo" and "-i" except with GNU rm.
Note that:
perl -ne 'print if /foo/' -- *
is not enough in perl (see
http://unix.stackexchange.com/a/170014 for details).
--
Stephane
Re: Strange file -i, Jean Delvare, 2015/03/04