alt Hacker NewsI think there is an easier substitution attack since there is shell expansion occuring. I will toy with it later today.
Replies
faresfa • yesterday at 7:52 PM
[dead]
I think there is an easier substitution attack since there is shell expansion occuring. I will toy with it later today.
[dead]
The array indexing thing is a special case in [[...]] which is otherwise more-or-less secure (no expansion occurs under typical unquoted variable access). https://news.ycombinator.com/item?id=46631811