Where am I (csh)
Michael O'Donnell
mod+gnhlug at std.com
Wed Jan 15 17:51:26 EST 2003
Some followup examples, with the last one showing how it can fail:
######## shrapnel:/tmp 165---> cat /tmp/nastyHack ; chmod a+x /tmp/nastyHack
cd $* # Stand in specified directory ($HOME if none),
echo PWD is $PWD # confirm our location,
ls -CFl /proc/$$/fd # demo the concept.
######## shrapnel:/tmp 166---> cd / ; /tmp/nastyHack
PWD is /home/mod
total 0
lrwx------ 1 mod mod 64 Jan 15 17:39 0 -> /dev/pts/3
lrwx------ 1 mod mod 64 Jan 15 17:39 1 -> /dev/pts/3
lrwx------ 1 mod mod 64 Jan 15 17:39 2 -> /dev/pts/3
lr-x------ 1 mod mod 64 Jan 15 17:39 255 -> /tmp/nastyHack*
######## shrapnel:/ 167---> cd / ; /tmp/nastyHack /etc
PWD is /etc
total 0
lrwx------ 1 mod mod 64 Jan 15 17:39 0 -> /dev/pts/3
lrwx------ 1 mod mod 64 Jan 15 17:39 1 -> /dev/pts/3
lrwx------ 1 mod mod 64 Jan 15 17:39 2 -> /dev/pts/3
lr-x------ 1 mod mod 64 Jan 15 17:39 255 -> /tmp/nastyHack*
######## shrapnel:/ 168---> cd /tmp ; ./nastyHack /usr/local
PWD is /usr/local
total 0
lrwx------ 1 mod mod 64 Jan 15 17:40 0 -> /dev/pts/3
lrwx------ 1 mod mod 64 Jan 15 17:40 1 -> /dev/pts/3
lrwx------ 1 mod mod 64 Jan 15 17:40 2 -> /dev/pts/3
lr-x------ 1 mod mod 64 Jan 15 17:40 255 -> /tmp/nastyHack*
######## shrapnel:/tmp 169---> cd /var/log ; bash </tmp/nastyHack
PWD is /home/mod
total 0
lr-x------ 1 mod mod 64 Jan 15 17:40 0 -> /tmp/nastyHack*
lrwx------ 1 mod mod 64 Jan 15 17:40 1 -> /dev/pts/3
lrwx------ 1 mod mod 64 Jan 15 17:40 2 -> /dev/pts/3
######## shrapnel:/var/log 170---> cd /var/log ; cat /tmp/nastyHack | bash
PWD is /home/mod
total 3
lr-x------ 1 mod mod 64 Jan 15 17:45 0 -> pipe:[364424]
lrwx------ 1 mod mod 64 Jan 15 17:45 1 -> /dev/pts/3
lrwx------ 1 mod mod 64 Jan 15 17:45 2 -> /dev/pts/3
More information about the gnhlug-discuss
mailing list