Differences
This shows you the differences between two versions of the page.
howto:conffile [2015/08/08 15:57] bill_thomson |
howto:conffile [2015/08/08 16:00] (current) bill_thomson |
||
---|---|---|---|
Line 54: | Line 54: | ||
As mentioned earlier, the sourced file can contain anything a Bash script can. Essentially, it **is** an included Bash script. That creates security issues. A malicicios person can "execute" arbitrary code when your script is sourcing its config file. | As mentioned earlier, the sourced file can contain anything a Bash script can. Essentially, it **is** an included Bash script. That creates security issues. A malicicios person can "execute" arbitrary code when your script is sourcing its config file. | ||
- | You might want to only allow constructs in the form ''NAME=VALUE'' in that file (variable assignment syntax) and maybe comments (though comments are technically unimportant). | + | You might want to allow only constructs in the form ''NAME=VALUE'' in that file (variable assignment syntax) and maybe comments (though technically, comments are unimportant). |
Imagine the following "config file", containing some malicious code: | Imagine the following "config file", containing some malicious code: | ||
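Review bot: The reworded sentence on the + side ("allow only constructs in the form ''NAME=VALUE''") constrains the shape of each line but says nothing about what VALUE may contain. The paragraph above states that the file is sourced as a Bash script, so a line of that shape whose value holds a command substitution would still run code. Consider wording it as "allow only ''NAME=VALUE'' lines whose values contain no expansions", or stating that the values must be checked as well. Also, the unchanged context line above still reads "malicicios"; fix it to "malicious" in the same edit, and drop the quotes around "execute", since the code really is executed.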