|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Unix * weirdness
Subject: Re: Unix * weirdness
From: Forever shall I be. (zinx
LINUXFREAK.COM)
Date: Sat Jan 01 2000 - 16:53:16 CST
- Next message: Andrew W. Flury: "Re: Unix * weirdness"
- Previous message: Scott Hardy: "Re: Unix * weirdness"
- In reply to: Blue Boar: "Unix * weirdness"
- Next in thread: Blue Boar: "Re: Unix * weirdness"
- Next in thread: Andrew W. Flury: "Re: Unix * weirdness"
- Reply: Forever shall I be.: "Re: Unix * weirdness"
- Reply: Blue Boar: "Re: Unix * weirdness"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Blue Boar wrote:
> This is one of those funny thing I notice when doing my regular job.
>
> I had to clean out the following directory: (It's from a firewall-1
> install, if you're curious)
>
> ls -al
> total 62
> -rw-r--r-- 1 root other 24 Apr 16 1999 -proc
> drwxr-xr-x 11 root root 512 Dec 30 18:13 .
> drwxr-xr-x 23 root root 512 Dec 30 17:25 ..
> drwx------ 2 root bin 1024 Aug 5 20:32 bin
> drwx------ 2 root bin 512 Jan 13 1999 cisco
> drwx------ 2 root bin 512 Jan 13 1999 doc
> drwx------ 3 root bin 1024 Apr 16 1999 lib
> drwx------ 2 root other 13312 Dec 22 00:01 log
> drwx------ 2 root root 8192 Jan 13 1999 lost+found
> drwx------ 5 root bin 512 Jan 13 1999 man
> drwx------ 2 root bin 512 Apr 16 1999 modules
> drwx------ 2 root bin 1024 Jan 13 1999 scripts
>
> # rm -R *
> rm: illegal option -- p
> rm: illegal option -- o
> rm: illegal option -- c
> usage: rm [-fiRr] file ...
>
> It took me a minute. It's taking the file named -proc and parsing as
> if it was a set of command line options. I guess this makes some
> sense.. I believe the shell just takes all the files and makes them all
> command-line parameters when you use *.
Yes, the shell only does the expansion, the program parses the command
line arguments.
>
> Naturally, I've been thinking about the possibilities... I haven't
> had much time to work out details (got sucked into Y2K weekend
> work) so I wanted to pass this to the list for further explanation.
>
> BTW, I got rid of it with:
>
> # unlink -proc
at least with GNU rm (and i'm assuming all other versions have a similar
method), you can use rm -- -proc, but you could have also done rm ./-proc
(or in this case, rm -R ./*).
>
> So, I wonder what other kinds of traps can be laid for the root
> user or cron jobs, etc... For example, here's a line from my
> S05RMTMPFILES in /etc/rc2.d dir, on a Solaris 2.6 machine.
> (Which is where this behavior was noticed):
>
> /usr/bin/rm -rf /tmp/*
All arguments will be prefixed with /tmp/ in this case, thus negating the
effect. No vulnerability.
>
> So, if I can place an interestingly names file in /tmp
> (and anyone can) can I get interesting things to happen
> when the machine reboots.
Nope.
>
> For example, can I get a file with spaces in it? How about
> the | (vertical bar) character? How about a ; ?
Yes, but it won't matter, when it's expanded by the shell they will be
passed as if they were quoted.
>
> (Yes, I could test it myself if I had time at the moment.)
>
> Is this a really old "feature" that everyone knows about except me?
You need to learn more about how shell expanding, and 'rm' work :)
>
> BB
>
-- Zinx Verituse (finger
- Next message: Andrew W. Flury: "Re: Unix * weirdness"
- Previous message: Scott Hardy: "Re: Unix * weirdness"
- In reply to: Blue Boar: "Unix * weirdness"
- Next in thread: Blue Boar: "Re: Unix * weirdness"
- Next in thread: Andrew W. Flury: "Re: Unix * weirdness"
- Reply: Forever shall I be.: "Re: Unix * weirdness"
- Reply: Blue Boar: "Re: Unix * weirdness"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Sat Jan 01 2000 - 21:24:13 CST