Zsh Mailing List Archive
Messages sorted by:
Reverse Date,
Date,
Thread,
Author
Re: /bin/sh is spawned - wtf?!?!?
- X-seq: zsh-users 12738
- From: "Mikael Magnusson" <mikachu@xxxxxxxxx>
- To: zsh-users@xxxxxxxxxx
- Subject: Re: /bin/sh is spawned - wtf?!?!?
- Date: Fri, 28 Mar 2008 12:30:46 +0100
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=BMWOm211gAii2bw2sOwaB6jsY0HpUh9gVIrRZZojUDE=; b=sKVUbqJymrLDsEqc6iuj0wEao+UvMSzjZSgYV8sdw1t8KEzZWIeLtknd488vbjcfv0UGV1KBRZPHB9f8BGtUu796c6zfdq/ppA0+eAhsQSd0yaDVCvpRIxv3oMaK0YYChTtwYADYbypx+JqBS+bSUjU9b6Y7st9N26gHDnmJBXY=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=MyaK8y/VjhYAL4NAuINO1ZEKg5jhfUXW/lgBEf5Y0TGVTqbpLbTbFX/NP+dcR4OcUh2WPbfldZK4g31+Io3V0f8bDtkwriy+V8NaNv0ismPfSdVZliY+XOIcUoNijVuKgpl/kWHZBIjVO9xf6TYOqPLllHcIQ1IblCM9+MSGMyI=
- In-reply-to: <20080328112206.38515.qmail@xxxxxxxxxxx>
- Mailing-list: contact zsh-users-help@xxxxxxxxxx; run by ezmlm
- References: <20080328105958.92845.qmail@xxxxxxxxxxx> <237967ef0803280416i5fb3c573g3e78ba33e1679e8a@xxxxxxxxxxxxxx> <20080328112206.38515.qmail@xxxxxxxxxxx>
On 28/03/2008, Atom Smasher <atom@xxxxxxxxxxx> wrote:
> On Fri, 28 Mar 2008, Mikael Magnusson wrote:
>
> > If you're worried about security, you probably shouldn't try to execute
> > files without looking at them first. Note that it says 'not in
> > executable format', and not 'does not have the executable permission bit
> > set'.
>
> ===============
>
> i get that, but i'd still like to have an option that would require me to
> do something like this if i want to run it:
> % sh file
I don't see how the file is more secure by having '#!/bin/sh' at the
top if you still don't look at what it does... Or do you mean you have
random text files with the executable bit set that you don't want to
execute by accident? If so you probably shouldn't have them in your
$path.
--
Mikael Magnusson
Messages sorted by:
Reverse Date,
Date,
Thread,
Author