[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IFS

This page is part of the web mail archives of SRFI 22 from before July 7th, 2015. The new archives for SRFI 22 contain all messages, not just those from before July 7th, 2015.

To: Marc Feeley <feeley@xxxxxxxxxxxxxxxx>
Subject: Re: IFS
From: sperber@xxxxxxxxxxxxxxxxxxxxxxxxxxx (Michael Sperber [Mr. Preprocessor])
Date: 29 Apr 2001 12:36:44 +0200
Cc: srfi-22@xxxxxxxxxxxxxxxxx
In-reply-to: <200103090429.f294TQ816521@xxxxxxxxxxxxxxxxxxxxx> (Marc Feeley's message of "Thu, 8 Mar 2001 23:29:26 -0500")
References: <200103090429.f294TQ816521@xxxxxxxxxxxxxxxxxxxxx>
User-agent: Gnus/5.090002 (Oort Gnus v0.02) XEmacs/21.2 (Urania)

>>>>> "Marc" == Marc Feeley <feeley@xxxxxxxxxxxxxxxx> writes:

Marc> This is slightly off topic but...

Marc> Could someone explain to me the need for the IFS line?  I read the
Marc> link to the Secure UNIX Programming FAQ, and am still puzzled.
Marc> In particular if an attacker has set IFS to "=" doesn't it mean
Marc> that the line

Marc>     IFS=" "

Marc> in the script will be interpreted as

Marc>     IFS " "

Marc> which doesn't solve the security hole.

I don't think so: IFS is used to split argument list expansions.

However, I've not been able to find a single current OS with a shell
that still allows exploiting this hole.  (In particular, 4.4BSD, ksh,
bash, and AIX's bsh are fixed.)  So it may be less confusing to just
remove mention of it.

Objections?

-- 
Cheers =8-} Mike
Friede, Völkerverständigung und überhaupt blabla

References:
- IFS
  - From: Marc Feeley

Prev by Date: Re: /usr/bin/env
Next by Date: New revision of SRFI 22 available
Previous by thread: IFS
Next by thread: single line alternative
Index(es):
- Date
- Thread