Why is *splitting every word* is a shell security hole?

help-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Why is splitting every word is a shell security hole?

From:	shynur .
Subject:	Why is splitting every word is a shell security hole?
Date:	Mon, 19 Aug 2024 11:41:38 +0000

Hi, friends,

I'm reading the paper by Chet Ramey.
Here: <https://tiswww.case.edu/php/chet/bash/rose94.pdf>.

In section 4.2.5:
> Bash and ksh split only the results of expansion,
> rather than every word as sh does, closing a
> long-standing shell security hole.

Why is *splitting every word* is a shell security hole?
Can someone give me an example?  Thanks!

[Prev in Thread]

Current Thread

[Next in Thread]

Why is *splitting every word* is a shell security hole?, shynur . <=
- Re: Why is *splitting every word* is a shell security hole?, Emanuele Torre, 2024/08/19
  - Re: Why is *splitting every word* is a shell security hole?, G. Branden Robinson, 2024/08/19
- Re: Why is *splitting every word* is a shell security hole?, Chet Ramey, 2024/08/21
  - Re: Why is *splitting every word* is a shell security hole?, Greg Wooledge, 2024/08/21
  - Re: Why is *splitting every word* is a shell security hole?, alex xmb sw ratchev, 2024/08/21
    - Re: Why is *splitting every word* is a shell security hole?, Greg Wooledge, 2024/08/21
    - Re: Why is *splitting every word* is a shell security hole?, alex xmb sw ratchev, 2024/08/21

Prev by Date: Re: Build Issues - devel in MSYS2 MSYS
Next by Date: Re: Why is *splitting every word* is a shell security hole?
Previous by thread: Re: Build Issues - devel in MSYS2 MSYS
Next by thread: Re: Why is *splitting every word* is a shell security hole?
Index(es):
- Date
- Thread