Date: Wed, 9 Aug 2000 07:11:03 +0100 From: Ben Smithurst <ben@FreeBSD.org> To: Kris Kennaway <kris@FreeBSD.org> Cc: Brian Somers <brian@Awfulhak.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/etc rc Message-ID: <20000809071103.U65753@strontium.scientia.demon.co.uk> In-Reply-To: <Pine.BSF.4.21.0008081605290.300-100000@freefall.freebsd.org> References: <200008082256.XAA03062@hak.lan.Awfulhak.org> <Pine.BSF.4.21.0008081605290.300-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway wrote: > On Tue, 8 Aug 2000, Brian Somers wrote: > >> How is it vulnerable to files with spaces ? I have specifically >> tested this with filenames containing embedded spaces and ^Hs and the >> like. > > Oops, I misread the effect of this line: > > + cd "$dir" && ls | while read file > > I assumed the 'read' would just take the next word. I think this will still break for filenames which either begin or end with a space, or contain a newline. Why not just use 'for file in .* *; do ...; done' which would seem safer? -- Ben Smithurst / ben@FreeBSD.org / PGP: 0x99392F7D FreeBSD Documentation Project / To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000809071103.U65753>