2011/3/27 Raj Mathur (राज माथुर):
On Sunday 27 Mar 2011, Joachim Breitner wrote:
No, this line is safe with
$ fgrep -qx "$USER" present
Thanks to the quotes around $USER, the `...` part would not be executed. But the quotes should be around every use of USER; in the later part of the code your exploit works.
As Binand pointed out in personal mail, you are absolutely correct and the shell will not interpret `...` commands in a variable read from a user.
So, given BASH's treatment of quoted variables, is there any difference between the two?
grep -q "^$USER$" present
fgrep -qx "$USER" present

Regards,
Osric Xavier Fernandes
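
The two commands in the question above, compared side by side in an added example that is not part of the original thread. Quoting protects both forms from command substitution equally; what differs is that `grep` treats the value as a regular expression while `fgrep -x` (the same as `grep -Fx`) compares it literally against the whole line. The `present` contents, the function names and the `-e` flag are assumptions made for this illustration.

```shell
#!/bin/sh
# Constructed sample data: a "present" file with one user name per line.
present=$(mktemp)
trap 'rm -f "$present"' EXIT
printf '%s\n' alice bob 'j.doe' > "$present"

# Regex form from the thread: the value of $1 becomes part of a regular
# expression, so metacharacters in it keep their special meaning.
in_list_regex() { grep -q "^$1$" "$present"; }

# Fixed-string form from the thread (fgrep is grep -F): $1 must equal a
# whole line byte for byte. The -e is an addition here; it stops a value
# beginning with "-" from being parsed as a grep option.
in_list_fixed() { grep -Fqx -e "$1" "$present"; }

# Show how each form treats one candidate user name.
compare() {
    r=no; f=no
    if in_list_regex "$1"; then r=yes; fi
    if in_list_fixed "$1"; then f=yes; fi
    printf '%-8s regex=%s fixed=%s\n' "'$1'" "$r" "$f"
}

# alice and j.doe are really in the list; a.ice and .* are not, but the
# regex form accepts them because "." and ".*" match other characters.
for name in alice 'j.doe' 'a.ice' '.*' jxdoe; do
    compare "$name"
done
```

For a membership check on untrusted names, the fixed-string form is the one that answers "is exactly this name listed".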