[TUHS] shell escapes in utilities
ron minnich
rminnich at gmail.com
Wed Aug 2 01:30:41 AEST 2023
I'm ok with things like ed, I'm more thinking of situations where
people would (e.g.) use xdvi to view a file, and Bad Things Happened.
I don't think ed counts, unless we're that worried about scripts.
at least for me, the xdvi thing was a real shock.
On Tue, Aug 1, 2023 at 7:29 AM Skip Tavakkolian <fariborz.t at gmail.com> wrote:
>
> Looking at sources on TUHS, it looks like ed had it as early as V5:
> https://minnie.tuhs.org/cgi-bin/utree.pl?file=V5/usr/source/s1/ed1.s
>
> On Mon, Jul 31, 2023, 10:48 PM ron minnich <rminnich at gmail.com> wrote:
>>
>> I got to wondering, based on the sendmail discussions, how many shell
>> escapes have appeared over the years?
>>
>> uucp
>> sendmail
>> xdvi : "The "allowShell" option enables the shell escape in PostScript specials"
>>
>> There must be a lot of them, however.
More information about the TUHS
mailing list