BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Bourne Shell variable assignment question

Subject: [Discuss] Bourne Shell variable assignment question
From: cra at WPI.EDU (Chuck Anderson)
Date: Thu, 15 Dec 2011 17:31:37 -0500
In-reply-to: <4EEA71C0.9040008@blu.org>
References: <4EEA5F20.9010409@blu.org> <5D8D8C90-E936-4B48-A56E-A3BC384C77D3@acranox.org> <4EEA6646.6020808@gmail.com> <4EEA680D.1010008@blu.org> <1323985896.4336.35913.camel@concord3.proximity.on.ca> <4EEA71C0.9040008@blu.org>

On Thu, Dec 15, 2011 at 05:16:32PM -0500, Jerry Feldman wrote:
> Thanks guys.
> I have several workable solutions for him. The underlying issue is that
> he wants to prevent malicious code.  In the context he is working on, I
> don't think that is a risk, but using egrep to reject any lines that are
> not in the form 'var=value'. I also think that his script must be
> Bourne, not BASH.

I believe eval is susceptible to the same risks as source.

References:
- [Discuss] Bourne Shell variable assignment question
  - From: gaf at blu.org (Jerry Feldman)
- [Discuss] Bourne Shell variable assignment question
  - From: peterd at acranox.org (Peter Doherty)
- [Discuss] Bourne Shell variable assignment question
  - From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Bourne Shell variable assignment question
  - From: gaf at blu.org (Jerry Feldman)
- [Discuss] Bourne Shell variable assignment question
  - From: chris at tylers.info (Chris Tyler)
- [Discuss] Bourne Shell variable assignment question
  - From: gaf at blu.org (Jerry Feldman)

Prev by Date: [Discuss] Bourne Shell variable assignment question
Next by Date: [Discuss] Bourne Shell variable assignment question
Previous by thread: [Discuss] Bourne Shell variable assignment question
Next by thread: [Discuss] Bourne Shell variable assignment question
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org