reopen 303649 retitle 303649 [fixed in 3.1] bash: echo builtin should recognize '--' option tags 303649 + upstream tags 303649 + fixed-upstream thanks one more thing:
bash-3.1 will have a change: In POSIX mode, if `xpg_echo' option is enabled, the `echo' builtin doesn't try to interpret any options at all, as POSIX requires. Greg Kochanski writes: > Package: bash > Version: 2.05b-26 > Severity: normal > > Echo does not support the '--' flag. > It should to, otherwise any script containing the line: > > echo "$x" > > is are prone to unexpected bugs, > if $x is unexpectedly set to > '-n', '-e', or '-E', '--help', or '--version'. > > If echo recognized '--', then a script could > be written containing > > echo -- "$x" > > that would behave properly for all values of $x. > > > There is a potential security risk, too, but it is a bit far fetched. It is > possible that the ability > to remove an expected newline (by setting x='-n') could be used to > cause errors which someone might be able > to take advantage of. > > The kind of place where problems are most likely to appear is > in places like this: > > echo "$x" "$y" | program > > > > And, in case you think you can kluge around it, > doing > > echo '' "$x" > > doesn't work. It immunizes you to unexpected values of x, > but it inserts a space at the beginning of the output. > > > -- System Information: > Debian Release: 3.1 > APT prefers testing > APT policy: (500, 'testing') > Architecture: i386 (i686) > Kernel: Linux 2.6.8-2-686 > Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) > > Versions of packages bash depends on: > ii base-files 3.1.2 Debian base system miscellaneous > f > ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries > an > ii libncurses5 5.4-4 Shared libraries for terminal > hand > ii passwd 1:4.0.3-31sarge1 change and administer password > and > > -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]