Beware xargs security holes
Paul Chamberlain
tif at doorstop.austin.ibm.com
Wed Oct 17 00:24:46 AEST 1990
In article <4062:Oct1518:22:1290 at kramden.acf.nyu.edu> brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
> find / -name '#*' -atime +7 -print | xargs rm
> lets a malicious user remove every file on the system.
If I understand, to do this a user would have to create a file
with a '/' in its name. Is this possible on some systems?
The most malicious thing I can do with the above command is
remove a file that doesn't start with '#' that's in a
writable directory.
Twice (I think), you have asserted grave danger with find
and xargs. I still don't see it.
Paul Chamberlain | I do NOT represent IBM. tif at doorstop, sc30661 at ausvm6
512/838-7008 | ...!cs.utexas.edu!ibmaus!auschs!doorstop.austin.ibm.com!tif
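
An added example, not part of the original post: it shows how the quoted `find ... -print | xargs` pipeline turns file names into command arguments, next to the NUL-delimited form. It assumes a find with `-print0` and an xargs with `-0`. The file names are constructed and live in a throwaway directory, and a counting command stands in for `rm`.

```shell
#!/bin/sh
# Constructed sandbox: one ordinary match for '#*' and one match whose
# name contains a space and a newline (both legal in a file name).
make_sandbox() {
    dir=$(mktemp -d) || return 1
    : > "$dir/#plain"
    : > "$dir/#odd name
second-line"
    printf '%s\n' "$dir"
}

# Stand-in for rm: prints "<argument count> <arguments that name an existing file>".
probe='n=0; for a; do [ -e "$a" ] && n=$((n+1)); done; echo "$# $n"'

# The pipeline from the quoted article: xargs splits its input on blanks and
# newlines, so one odd name arrives as several arguments.
args_newline_delimited() {
    (cd "$1" && find . -name '#*' -print | xargs sh -c "$probe" sh)
}

# NUL-delimited form: NUL cannot occur in a file name, so each matched
# path arrives as exactly one argument.
args_nul_delimited() {
    (cd "$1" && find . -name '#*' -print0 | xargs -0 sh -c "$probe" sh)
}

# Stand-alone run: show both results, then clean up.
demo_dir=$(make_sandbox)
echo "newline-delimited: $(args_newline_delimited "$demo_dir")"   # 4 1
echo "NUL-delimited:     $(args_nul_delimited "$demo_dir")"       # 2 2
rm -rf "$demo_dir"
```

With two matching files, the newline-delimited pipeline hands the command four arguments, only one of which is a path that find matched. `find ... -exec rm {} +` avoids the pipe and the re-parsing altogether.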