[TUHS] shell escapes in utilities

ron minnich rminnich at gmail.com
Wed Aug 2 01:30:41 AEST 2023

I'm ok with things like ed, I'm more thinking of situations where
people would (e.g.) use xdvi to view a file, and Bad Things Happened.
I don't think ed counts, unless we're that worried about scripts.

at least for me, the xdvi thing was a real shock.

On Tue, Aug 1, 2023 at 7:29 AM Skip Tavakkolian <fariborz.t at gmail.com> wrote:
> Looking at sources on TUHS, it looks like ed had it as early as V5:
> https://minnie.tuhs.org/cgi-bin/utree.pl?file=V5/usr/source/s1/ed1.s
> On Mon, Jul 31, 2023, 10:48 PM ron minnich <rminnich at gmail.com> wrote:
>> I got to wondering, based on the sendmail discussions, how many shell
>> escapes have appeared over the years?
>> uucp
>> sendmail
>> xdvi : "The "allowShell" option enables the shell escape in PostScript specials"
>> There must be a lot of them, however.

More information about the TUHS mailing list