[PRL] Bourne Shell Server Pages
Peter Dillinger
pcd at ccs.neu.edu
Thu Nov 22 15:45:50 EST 2007
On Thu, Nov 22, 2007 at 12:37:55PM -0500, Shriram Krishnamurthi wrote:
> When you find people with too much time on their hands, it's good to see that
> they've found a way to spend that time harmlessly.
harmlessly? you realize how hard it is to build a secure system that
so regularly executes code created by putting together strings with
hard-to-understand escaping rules? it's like a triple-whammy just
begging for "; rm -rf / ; echo "lots of trouble. ;)
--
Peter Dillinger
peterd at gatech.edu
http://www.peterd.org
More information about the PRL
mailing list