wildcard poisoning

wildcard poisoning

Stefan Olsson-3
I came across an interesting article on wildcards in shell:
http://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt


Tested some of the above in pdksh on a current OpenBSD-host:
$ mkdir test
$ cd test
$ touch file1 file2 file3 "-rf"
$ mkdir DIR1 DIR2              
$ ls -al
total 16
-rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 -rf
drwxr-xr-x   4 sturban  sturban   512 Sep 10 04:26 ./
drwxr-xr-x  10 sturban  sturban  1024 Sep 10 04:25 ../
drwxr-xr-x   2 sturban  sturban   512 Sep 10 04:26 DIR1/
drwxr-xr-x   2 sturban  sturban   512 Sep 10 04:26 DIR2/
-rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 file1
-rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 file2
-rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 file3
$ rm *
$ ls -al 
total 8
-rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 -rf
drwxr-xr-x   2 sturban  sturban   512 Sep 10 04:26 ./
drwxr-xr-x  10 sturban  sturban  1024 Sep 10 04:25 ../

Re: wildcard poisoning

patrick keshishian
On 9/9/14, Stefan Olsson <[hidden email]> wrote:

> I came across an interesting article on wildcards in shell:
> http://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt
>
>
> Tested some of the above in pdksh on a current OpenBSD-host:
> $ mkdir test
> $ cd test
> $ touch file1 file2 file3 "-rf"
> $ mkdir DIR1 DIR2
> $ ls -al
> total 16
> -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 -rf
> drwxr-xr-x   4 sturban  sturban   512 Sep 10 04:26 ./
> drwxr-xr-x  10 sturban  sturban  1024 Sep 10 04:25 ../
> drwxr-xr-x   2 sturban  sturban   512 Sep 10 04:26 DIR1/
> drwxr-xr-x   2 sturban  sturban   512 Sep 10 04:26 DIR2/
> -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 file1
> -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 file2
> -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 file3
> $ rm *
> $ ls -al
> total 8
> -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 -rf
> drwxr-xr-x   2 sturban  sturban   512 Sep 10 04:26 ./
> drwxr-xr-x  10 sturban  sturban  1024 Sep 10 04:25 ../

$ touch file1 file2 file3 "-rf"
$ mkdir DIR1 DIR2
$ ls -al
total 16
-rw-r--r--  1 sidster  wheel     0 Sep  9 21:19 -rf
drwxr-xr-x  4 sidster  wheel   512 Sep  9 21:19 ./
drwxrwxrwt  8 root     wheel  1024 Sep  9 21:19 ../
drwxr-xr-x  2 sidster  wheel   512 Sep  9 21:19 DIR1/
drwxr-xr-x  2 sidster  wheel   512 Sep  9 21:19 DIR2/
-rw-r--r--  1 sidster  wheel     0 Sep  9 21:19 file1
-rw-r--r--  1 sidster  wheel     0 Sep  9 21:19 file2
-rw-r--r--  1 sidster  wheel     0 Sep  9 21:19 file3
$ rm ./*
rm: ./DIR1: is a directory
rm: ./DIR2: is a directory
noir $ ls -al
total 16
drwxr-xr-x  4 sidster  wheel   512 Sep  9 21:20 ./
drwxrwxrwt  8 root     wheel  1024 Sep  9 21:19 ../
drwxr-xr-x  2 sidster  wheel   512 Sep  9 21:19 DIR1/
drwxr-xr-x  2 sidster  wheel   512 Sep  9 21:19 DIR2/

be smarter than that.

--patrick
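
The comparison made across the two posts above, as an added example that is not part of the original thread: it rebuilds the same directory in a scratch location and reports what is left after `rm *` and after `rm ./*`. The function name `survivors`, its mode names and the `rm -- *` variant are additions here; `LC_ALL=C` is assumed so that the glob sorts `-rf` ahead of the other names.

```shell
#!/bin/sh
# Added example: compare three ways of handing a glob to rm when the
# directory contains a file literally named "-rf".
LC_ALL=C; export LC_ALL        # fixed collation: "-rf" expands first

# survivors MODE -> prints the entries left behind, space-separated.
# MODE: bare (rm *), dotslash (rm ./*), dashdash (rm -- *)
survivors() {
    (
        d=$(mktemp -d) || exit 1
        cd "$d" || exit 1      # never run rm outside the scratch dir
        # "./-rf" keeps touch itself from parsing the name as options
        touch file1 file2 file3 ./-rf
        mkdir DIR1 DIR2
        case $1 in
            # rm sees: rm -rf DIR1 DIR2 file1 file2 file3
            bare)     rm * 2>/dev/null || : ;;
            # every word starts with "./", so none can look like an option
            dotslash) rm ./* 2>/dev/null || : ;;
            # "--" ends option parsing; "-rf" is then an ordinary operand
            dashdash) rm -- * 2>/dev/null || : ;;
            *)        exit 2 ;;
        esac
        left=$(echo ./*)       # what the directory still holds
        cd / && rm -rf -- "$d" # clean up the scratch dir
        echo "$left"
    )
}

# Stand-alone run: show the outcome of each invocation style.
for mode in bare dotslash dashdash; do
    printf '%-9s leaves: %s\n' "$mode" "$(survivors "$mode")"
done
```

With `rm *` only the `-rf` file survives, because it was consumed as options rather than removed; with `rm ./*` or `rm -- *` the plain files and `-rf` are removed and the directories are refused.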

Re: wildcard poisoning

polken
I think that this is not something related to OBSD security but to the
correct use of the shell. Of course, this is something that could happen.

> Date: Tue, 9 Sep 2014 21:21:30 -0700
> Subject: Re: wildcard poisoning
> From: [hidden email]
> To: [hidden email]
> CC: [hidden email]
>
> On 9/9/14, Stefan Olsson <[hidden email]> wrote:
> > I came across an interesting article on wildcards in shell:
> > http://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt
> >
> >
> > Tested some of the above in pdksh on a current OpenBSD-host:
> > $ mkdir test
> > $ cd test
> > $ touch file1 file2 file3 "-rf"
> > $ mkdir DIR1 DIR2
> > $ ls -al
> > total 16
> > -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 -rf
> > drwxr-xr-x   4 sturban  sturban   512 Sep 10 04:26 ./
> > drwxr-xr-x  10 sturban  sturban  1024 Sep 10 04:25 ../
> > drwxr-xr-x   2 sturban  sturban   512 Sep 10 04:26 DIR1/
> > drwxr-xr-x   2 sturban  sturban   512 Sep 10 04:26 DIR2/
> > -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 file1
> > -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 file2
> > -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 file3
> > $ rm *
> > $ ls -al
> > total 8
> > -rw-r--r--   1 sturban  sturban     0 Sep 10 04:26 -rf
> > drwxr-xr-x   2 sturban  sturban   512 Sep 10 04:26 ./
> > drwxr-xr-x  10 sturban  sturban  1024 Sep 10 04:25 ../
>
> $ touch file1 file2 file3 "-rf"
> $ mkdir DIR1 DIR2
> $ ls -al
> total 16
> -rw-r--r--  1 sidster  wheel     0 Sep  9 21:19 -rf
> drwxr-xr-x  4 sidster  wheel   512 Sep  9 21:19 ./
> drwxrwxrwt  8 root     wheel  1024 Sep  9 21:19 ../
> drwxr-xr-x  2 sidster  wheel   512 Sep  9 21:19 DIR1/
> drwxr-xr-x  2 sidster  wheel   512 Sep  9 21:19 DIR2/
> -rw-r--r--  1 sidster  wheel     0 Sep  9 21:19 file1
> -rw-r--r--  1 sidster  wheel     0 Sep  9 21:19 file2
> -rw-r--r--  1 sidster  wheel     0 Sep  9 21:19 file3
> $ rm ./*
> rm: ./DIR1: is a directory
> rm: ./DIR2: is a directory
> noir $ ls -al
> total 16
> drwxr-xr-x  4 sidster  wheel   512 Sep  9 21:20 ./
> drwxrwxrwt  8 root     wheel  1024 Sep  9 21:19 ../
> drwxr-xr-x  2 sidster  wheel   512 Sep  9 21:19 DIR1/
> drwxr-xr-x  2 sidster  wheel   512 Sep  9 21:19 DIR2/
>
> be smarter than that.
>
> --patrick