[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: declare a="$b" if $a previously set as array
From: |
Stephane Chazelas |
Subject: |
Re: declare a="$b" if $a previously set as array |
Date: |
Mon, 8 Dec 2014 21:07:23 +0000 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
2014-12-08 12:48:05 -0800, Linda Walsh:
[...]
> declare -x fmt='($(echo uid:$UID) $(echo euid:$EUID) $(date) $(uname -n))'
> declare -a out
> declare -l out=$fmt
> echo "out=${out[@]}"
> sudo bash --norc -c 'declare -a out;declare -l out=$fmt; echo
> "out=${out[@]}"'
>
>
> ----
> Run that and you get:
>
> out=uid:5013 euid:5013 mon dec 8 12:39:06 pst 2014 ishtar
> out=uid:0 euid:0 mon dec 8 12:39:06 pst 2014 ishtar
>
>
> All of the terms are evaluated at the time of final execution.
>
> --- This usage ***depends*** on delayed evaluation -- which you
> claim is "code injection". This is the way shell is supposed to
> operate. The programmer ***HAS*** to choose when to cause the expression
> to be evaluated depending on their need.
[...]
Hi Linda,
then change it to:
sudo bash --norc -c 'declare -a out;declare -l out; out=$fmt; echo
"out=${out[@]}"'
And you get the behaviour *I* expect (assign the content of $fmt
to out[0] (aka out)).
Would you then say that bash is broken there?
If I want the shell to evaluate the content of a variable as
code, I use "eval". And I know it's a dangerous command and
that I should use it carefully. I don't expect "declare" to do
the job of "eval", I don't expect "declare" to run commands, I
only expect it to declare variables (and possibly assign values
to them).
(BTW, don't forget to add back the "Defaults env_reset" to your
/etc/sudoers as your system is currently probably vulnerable to
local privilege escalation if you're using restricted sudoer
commands).
--
Stephane
- declare a="$b" if $a previously set as array, Stephane Chazelas, 2014/12/06
- Re: declare a="$b" if $a previously set as array, Chet Ramey, 2014/12/06
- Re: declare a="$b" if $a previously set as array, Stephane Chazelas, 2014/12/08
- Re: declare a="$b" if $a previously set as array, Linda Walsh, 2014/12/08
- Re: declare a="$b" if $a previously set as array,
Stephane Chazelas <=
- Re: declare a="$b" if $a previously set as array, Eduardo A . Bustamante López, 2014/12/08
- Re: declare a="$b" if $a previously set as array, Linda Walsh, 2014/12/08
- Re: declare a="$b" if $a previously set as array, konsolebox, 2014/12/09
- Re: declare a="$b" if $a previously set as array, Chet Ramey, 2014/12/14
- Re: declare a="$b" if $a previously set as array, konsolebox, 2014/12/15
- Re: declare a="$b" if $a previously set as array, konsolebox, 2014/12/17
- Re: declare a="$b" if $a previously set as array, Chet Ramey, 2014/12/14
- Re: declare a="$b" if $a previously set as array, Chet Ramey, 2014/12/14
- Re: declare a="$b" if $a previously set as array, Chet Ramey, 2014/12/14
- Re: declare a="$b" if $a previously set as array, Chet Ramey, 2014/12/14