[TUHS] shell escapes in utilities
Grant Taylor via TUHS
tuhs at tuhs.org
Thu Aug 3 00:49:08 AEST 2023
On 8/2/23 5:49 AM, Rich Salz wrote:
> I don't think of that as a shell escape the way we seem to be using it.
> Piping to a sub process is not the same as spawning and interactive
> subshell.
That's why I asked for clarification of what "shell escape" is in the
context of this discussion.
I can tell you from a sudo point of view, having vim et al. use
:'<,'>!sort is considered a shell escape in that the authorized program
(/path/to/)vim is executing a sub-process. It is possible to allow use
of vim while preventing it from calling external processes via sudo.
I agree that :'<,'>!sort isn't something like breaking out of something
intended to contain you.
--
Grant. . . .
More information about the TUHS
mailing list