On Mon, May 8, 2017 at 3:09 PM, Chet Ramey <chet.ra...@case.edu> wrote: > There's no compelling reason to disallow it. If a system administrator > wants to unbind certain readline commands (and unset INPUTRC!) to protect > against a specific use case, he is free to do that.
I agree. I changed my mind after sending that email. I still think it would be prudent to mention this in the docs somewhere. Perhaps a section on "security notes" in the manual/reference? or a mention in the FAQ? Similar to sudo's manual page: - http://manpages.ubuntu.com/manpages/xenial/man8/sudo.8.html#contenttoc5 - http://manpages.ubuntu.com/manpages/xenial/man8/sudo.8.html#contenttoc12 I couldn't find any decent reference online that mentions a few of the "traps" that bash has in regards to secure programming (e.g. "don't evaluate user supplied input in arithmetical contexts without sanitizing!", "be careful with SHELLOPTS/xtrace/PS4!", "don't use read -e unless you trust the user supplying the info or know how to plug the holes", "don't evaluate user supplied regular expressions!") And... I just realized this was discussed before here: https://lists.gnu.org/archive/html/bug-bash/2015-12/msg00098.html IMO, just having it documented somewhere is good enough.
