I agree with the OP. Bash is a scripting language. If you use it, you must be aw... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

mariusz79 on Sept 27, 2014 | parent | context | favorite | on: Not a bash bug

I agree with the OP. Bash is a scripting language. If you use it, you must be aware that you can damage the system. If you allow your script to get input from the untrusted sources it's your job to sanitize it.

clarry on Sept 27, 2014 [–]

> If you allow your script to get input from the untrusted sources

This wasn't the problem. The problem wasn't with scripts getting untrusted input. The problem was with bash getting untrusted input -- input that isn't supposed to be evalled in the first place.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact