On Sunday 27 March 2011 02:38 AM, Joachim Breitner wrote:
Hi,
Am Samstag, den 26.03.2011, 23:18 +0530 schrieb Osric Fernandes:
On Fri, Mar 25, 2011 at 6:29 PM, Rony wrote:
I will check it out. There must be some grep option to look for absolute values.
Since you are storing each name on a line by itself, you can use:
grep -q "^$USER$" present
The ^ and $ match the beginning and the end of the line respectively. Read the "Regular Expressions" section of the grep man page for more information.
as discussed in the meeting, this is not sufficient. Safer would be $ fgrep -qx "$USER" present
Greetings, Joachim
Thanks Joachim. For the first time I actually saw how a code can be cracked into, via an input string only. For the benefit of those who were not present, Joachim was able to crack the user name even though that name was not in the list. Instead of a known username, he used a username string expression that only looked for an alphabet and it was naturally found among the many names. That allowed him in as a valid user.
This is a very good example of how opening the code allows it to be improvised and become free of bugs.