Subject: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL
To: None <current-users@NetBSD.ORG>
From: der Mouse <mouse@Holo.Rodents.Montreal.QC.CA>
List: current-users
Date: 01/04/1997 09:43:16
>> 1. shell metacharacter vulerability of 'ls ... | sh' code

>>    This can be fixed by using 'find ... -print0 | xargs -0 ls ...',

> What, precicely, do these new options do?  They're only valuable if
> they're necessary

find -print0 outputs filenames with printf("%s%c",thefilename,0)
instead of printf("%s\n",thefilename).  The idea is that the output
byte stream is completely unambiguous regardless of what characters
appear in the pathname components (because a NUL can never be part of a
pathname component).

xargs -0 changes the way xargs breaks its input into arguments, so as
to cooperate with find -print0; it breaks on NULs only and doesn't do
any of the silly quoting conventions.  (At least that's what it does in
my xargs; I would hope that's how any other xargs that supports -0
would implement it, since it's really designed to interoperate with
find -print0 - what else separates filenames with NULs?)

					der Mouse

		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B