[PATCH] RFC: shell-safe version of string_sub()?
peter at cadcamlab.org
Fri Oct 27 00:17:40 GMT 2000
> Just for clarity, you might call it string_sub_requoted instead of
> _sh, as the user would then see that it it just requotes string args,
> rather than thinking it was all they needed for the shell.
Dunno, sh_* seems clear enough for me. Anyone who writes shell applets
(I hate that word) for these sorts of purposes is going to have to
learn to be careful about a lot more than the input arguments, if they
care about security. Perhaps 'requote' is only clearer to former
Multicians -- of which I know exactly one.
I'll leave it up to whoever wants to integrate the patch.
More information about the samba-technical