Hi, Thorsten Glaser: > Never put “tainted” input into ksh arithmetics, period.
The problem is that there's no option akin to perl's Taint mode which tells the shell that some operations / variable contents are OK and some are not. Sure it's a user error, ultimately, but the system doesn't help the user to fix the bug. It doesn't fail safe, indeed it cannot. That's the real failure, and it probably is not even fixable. Of course, there's the flip side: scripts which are so complex that this kind of error can creep in should not be written in Shell in the first place … -- -- Matthias Urlichs
signature.asc
Description: Digital signature
