It took fifteen minutes of misreading the bash manual to write a filename that perl will execute as "touch /" when using <>, -p, or -n.
$ touch 'touch $'\''\x2f'\''|'
$ ls
touch $'\x2f'|
$ perl -pee *
touch: /: Permission denied
As explanation, the filename is used by perl's two-arg open by perl's magic <> by perl's -p command line paramter.
while (<>) {
'e';
}
When it comes to reading the file, it runs something like this:
open ARGV, q{touch $'\x2f'|};
Since it ends in a pipe, perl's going to fork, run the command without the pipe and then read from it. Usually you'd use it for stuff like "zcat $filename |" for automatic decompression or whatever.
It's running something like:
sh -c 'touch $'\''\x2f'\'
which when run by sh is
touch $'\x2f'
after shell decoding is...
touch /
This is supposed to be a feature. Huzzah, I guess. I'm told that because it was once documented as feature, it can't be considered a bug and fixed. :-(
Just for giggles, my current directory was also named <>.
You might want to HTML encode you title next time
Stevan on 2009-02-23T20:47:01
You might want to HTML encode you title next time
- Stevan
Re:You might want to HTML encode you title next ti
jjore on 2009-02-23T21:06:58
Oh no! It already is. I guess I could double-encode it just for the home page but then it'll show up badly for anything that does the right thing.
That's hilarious.
