From: Zefram
Message-Id: <1222.199605202109@stone.dcs.warwick.ac.uk>
Subject: Re: 8-bit patch for zle_tricky.c
To: hzoli@cs.elte.hu (Zoltan Hidvegi)
Date: Mon, 20 May 1996 22:09:08 +0100 (BST)
Cc: schaefer@nbn.com, A.Main@dcs.warwick.ac.uk, zsh-workers@math.gatech.edu
In-Reply-To: <199605201836.UAA05688@bolyai.cs.elte.hu> from "Zoltan Hidvegi" at May 20, 96 08:36:16 pm
X-Mailing-List: archive/latest/1104

>Yes, the original Bourne Shell used IFS in the lexer to separate words but
>I think that this does not conform to the POSIX Shell and Utilities standard.

It's been a while since I read the standard, and I don't have access to
a copy any more, but I'm pretty sure it's required. I needed to check
this particular matter for some reason. Can someone with a POSIX shell
or the standard check this?

>Also it may be a security hole if IFS is exported. That's why bash and
>ksh do not use IFS here, and zsh should not use it either.

It is a security hole, but (a) setuid shell scripts are insecure anyway
on most systems, and (b) there's a way to avoid it:

#!/bin/sh
IFS=' '
echo Note that IFS is now safe.

The above, as a shell script, is secure if setuid on, for example,
Solaris. Anyone writing setuid scripts should know this technique.

Another solution would be to remove sensitive parameters such as IFS
and LD_* on initialisation if the PRIVILEGED option is set (euid !=
ruid). Note that a script can already totally clear the exported
environment by doing `typeset +x -m \*`.

-zefram
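
An added illustration, not part of the original message: a POSIX sh sketch of the two mitigations discussed above, resetting IFS before anything is expanded and dropping LD_* variables, with a field count showing what the reset changes. The function names, SAMPLE and LD_EXAMPLE_ONLY are constructed for this example.

```shell
#!/bin/sh
# Added example, constructed for illustration; not from the original message.

# field_count STRING: how many fields an unquoted expansion of STRING
# produces under whatever IFS is currently in effect.
field_count() {
    set -f            # disable globbing so only field splitting is measured
    set -- $1         # deliberately unquoted: this is the step IFS controls
    set +f
    echo "$#"
}

# harden_env: prologue for a script that may run with euid != ruid.
harden_env() {
    # Reset IFS first, so the unquoted $(...) below splits predictably.
    # The trailing "x" protects the newline from command-substitution trimming.
    IFS=$(printf ' \t\nx'); IFS=${IFS%x}
    # Drop dynamic-linker variables (the LD_* family named in the message).
    for name in $(env | sed -n 's/^\(LD_[A-Za-z0-9_]*\)=.*/\1/p'); do
        unset "$name"
    done
}

# Constructed sample: the script author expects two words here.
SAMPLE='backup /var/log/app'

# Field count with a caller-chosen IFS and no reset (subshell keeps it local).
unhardened_count() { ( IFS=$1; field_count "$SAMPLE" ); }

# Same caller-chosen IFS, but the prologue runs before anything is expanded.
hardened_count() { ( IFS=$1; harden_env; field_count "$SAMPLE" ); }

# Number of LD_* names a child process still sees after the prologue.
ld_vars_after_harden() {
    ( LD_EXAMPLE_ONLY=constructed; export LD_EXAMPLE_ONLY
      harden_env
      env | grep -c '^LD_' || true )
}

echo "IFS=/ without reset: $(unhardened_count /) fields"
echo "IFS=/ with reset:    $(hardened_count /) fields"
echo "LD_* left after prologue: $(ld_vars_after_harden)"
```

The order inside harden_env matters: the loop that finds the LD_* names relies on field splitting itself, so it runs only after IFS has been reset.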