[PATCH] RFC: shell-safe version of string_sub()?

Peter Samuelson peter at cadcamlab.org
Fri Oct 27 00:17:40 GMT 2000


[Dave C-B]
> Just for clarity, you might call it string_sub_requoted instead of
> _sh, as the user would then see that it it just requotes string args,
> rather than thinking it was all they needed for the shell.

Dunno, sh_* seems clear enough for me.  Anyone who writes shell applets
(I hate that word) for these sorts of purposes is going to have to
learn to be careful about a lot more than the input arguments, if they
care about security.  Perhaps 'requote' is only clearer to former
Multicians -- of which I know exactly one.

I'll leave it up to whoever wants to integrate the patch.

Peter




More information about the samba-technical mailing list