On Thu, Jun 12, 2008 at 02:44:02AM -0500, Nicolas Williams wrote: > On Thu, Jun 12, 2008 at 03:43:36AM -0400, Peter Memishian wrote: > > > > > > * Use of eval presents a significant security risk: any command > > > > where a non-privileged user might gain control over any > > field's > > > > value makes eval as root (say, in an admin script) unsafe. > > > > > > To avoid this do: a) quote '$', '`' and a few other unsafe characters, > > > b) instruct developers to disable globbing prior to evaluating this > > > output. It should be possible to make dladm's output eval safe (and if > > > not then let's find out why not). > > > > Please, let's not. The eval approach seemed clever at the time, but in > > retrospect it was a mistake. > > Because it was incomplete.
And incorrect, since it uses variable names like "BSSID/IBSSID". Given that I'm looking to fix similar issues in svcprop I think we should think about precedent.
