Date: Tue, 16 Sep 2003 16:58:20 +0200
From: Dominik Vogt
To: Zsh Users
Subject: security risk in source builtin?
Message-ID: <20030916145820.GC4583@gmx.de>
Reply-To: dominik.vogt@gmx.de

A colleague and I just noticed that the "source" builtin looks for
its argument in the $PATH.  I guess that's something POSIX demands,
but isn't it also a security risk?  In this case, the following
happened:

  $ ls -F
  test
  $ cat test
  echo hello world
  $ source test
  /usr/bin/test:3: bad pattern: ^@^F^@(...

Unless it is really important to have this behaviour for
compatibility reasons, shouldn't searching the $PATH be at least
disabled by default?

Ciao

Dominik ^_^  ^_^
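
Added example, not part of the original message: a small POSIX sh wrapper that sources a file only by explicit path, so a bare name such as "test" can never be resolved through $PATH. The names safe_source and demo_shadowed_name, and the files the demo creates, are constructed for illustration.

```shell
#!/bin/sh
# safe_source is a hypothetical helper, not a zsh or POSIX builtin.

# Source FILE by explicit path only. A bare name is pinned to the current
# directory with "./", because the "." builtin consults $PATH only when its
# argument contains no slash.
safe_source() {
    [ "$#" -eq 1 ] || { echo "usage: safe_source FILE" >&2; return 2; }
    _ss_file=$1
    case $_ss_file in
        */*) ;;                        # already a path: no $PATH lookup
        *)   _ss_file=./$_ss_file ;;   # bare name: current directory only
    esac
    # Refuse anything that is not a readable regular file instead of
    # letting the shell fall back to some other location.
    if [ ! -f "$_ss_file" ] || [ ! -r "$_ss_file" ]; then
        echo "safe_source: not a readable regular file: $_ss_file" >&2
        return 1
    fi
    . "$_ss_file"
}

# Constructed scenario mirroring the report: a script called "test" in the
# working directory, and same-named files in a directory placed on $PATH.
# Prints "<origin of test> <origin of only_on_path>".
demo_shadowed_name() {
    _d=$(mktemp -d) || return 1
    mkdir "$_d/cwd" "$_d/onpath"
    echo 'ORIGIN=cwd'  > "$_d/cwd/test"
    echo 'ORIGIN=path' > "$_d/onpath/test"
    echo 'ORIGIN=path' > "$_d/onpath/only_on_path"
    (
        cd "$_d/cwd" || exit 1
        PATH="$_d/onpath:$PATH"
        ORIGIN=unset
        safe_source test                       # must read ./test
        first=$ORIGIN
        ORIGIN=unset
        safe_source only_on_path 2>/dev/null || true   # exists only on $PATH
        echo "$first $ORIGIN"
    )
    _rc=$?
    rm -rf "$_d"
    return $_rc
}
```

Calling demo_shadowed_name shows the file in the working directory being read and the name that exists only on $PATH being refused.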