Control: tags -1 - security On Fri, 2016-04-15 at 00:02 +0800, Paul Wise wrote:
> There is a famous article that I can't find now where one can cause > arbitrary code execution if one can cause arbitrary argument > injection to common commands like tar. This is the article I was thinking of: https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt > Not sure if this case is exploitable but I'm tagging this security > just in case. Based on the grep manual page it doesn't look like it is. -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
