On Wed, Jun 04, 2008 at 03:40:59PM -0500, Nicolas Williams wrote: > On Wed, Jun 04, 2008 at 10:30:57PM +0200, Roland Mainz wrote: > > David Bustos wrote: > > > set -- `svcprop ...` > > > # use positional parameters > > > > > Note that the example above relies in the use of IFS _and_ may be > > vulnerable to attributary (shell) code execution. Technically the use of > > The idea is for svcprop to quote things so this is not vulnerable > provided you're using the standard IFS.
Although I'm not sure I can find a way to preserve embedded newlines in property values.
