[ALUG] Wildcards gone wild

Andreas Tauscher ta at geuka.net
Fri Jun 27 18:59:47 EAT 2014


On 06/27/2014 06:00 PM, Howard L Frederick wrote:
> That is seriously scary.

But easy to prevent:

* Double-quote all variable references and command substitutions.
  Instead of $var use "$var"
* Set IFS to just newline and tab: IFS="$(printf '\n\t')"
* Prefix all path/file names with ./ so they cannot expand to begin with
  "-". "rm *" will expand a file named -rf to
    rm file1 file2 file3 ..... -rf
  "rm ./*" will expand to
    rm ./file1 ./file2 ./file3 ..... ./-rf
* Be careful about file names. They might contain control characters,
  non-printable characters. Filtering out all non-printable chars can be
  done with something like this:
    printf '%s' "$file" | LC_ALL=POSIX tr -d '[:cntrl:]' | iconv -cs -f UTF-8 -t UTF-8
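
The four precautions from the post above, checked against constructed file names in a scratch directory. This is an added example, not part of the original message; the function names and fixture files are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example; every file name below is constructed for the demonstration.
IFS="$(printf '\n\t')"    # split unquoted expansions on newline and tab only

# Create a scratch directory holding hostile-looking names; print its path.
make_fixture() {
    dir=$(mktemp -d) || return 1
    : > "$dir/-rf"                        # looks like an option to rm
    : > "$dir/two words"                  # contains a space
    : > "$dir/$(printf 'bell\007name')"   # contains a control character
    printf '%s\n' "$dir"
}

# Print how many of the given arguments a command would parse as options.
count_dash_args() {
    n=0
    for arg in "$@"; do
        case $arg in -*) n=$((n + 1)) ;; esac
    done
    printf '%s\n' "$n"
}

# Option-like arguments produced by a bare glob versus a ./ prefixed glob.
dash_args_bare()     { ( cd "$1" && count_dash_args * ); }
dash_args_prefixed() { ( cd "$1" && count_dash_args ./* ); }

# Number of words $2 becomes when expanded unquoted (on purpose) under IFS=$1.
split_count() { ( IFS=$1; set -- $2; printf '%s\n' "$#" ); }

# The filter from the post; iconv is skipped when it is not installed.
sanitize_name() {
    if command -v iconv >/dev/null 2>&1; then
        printf '%s' "$1" | LC_ALL=POSIX tr -d '[:cntrl:]' | iconv -cs -f UTF-8 -t UTF-8
    else
        printf '%s' "$1" | LC_ALL=POSIX tr -d '[:cntrl:]'
    fi
}

d=$(make_fixture) || exit 1
printf 'bare glob:   %s option-like argument(s)\n' "$(dash_args_bare "$d")"
printf './ glob:     %s option-like argument(s)\n' "$(dash_args_prefixed "$d")"
printf 'default IFS: %s words, newline+tab IFS: %s word\n' \
    "$(split_count ' ' 'two words')" "$(split_count "$IFS" 'two words')"
printf 'sanitized:   %s\n' "$(sanitize_name "$(printf 'bell\007name')")"
rm -rf -- "$d"
```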



