2011/3/27 Raj Mathur (राज माथुर) <[email protected]>:
> Both are unsafe.  Consider the user who enters his username as
> (literally):
>
>  Raj `rm -rf /`Mathur

Indeed. Good catch. I had checked for forward ticks which bash
appeared to escape properly but only assumed backticks would be
escaped similarly.

Binand
-- 
http://mm.glug-bom.org/mailman/listinfo/linuxers
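
The point made in this thread, as an added example that is not part of the original messages. The commands being discussed are not shown on this page, so it assumes a script that pastes the username into a double-quoted string which the shell then parses a second time. The function names are hypothetical, and the sample name swaps the thread's command for a harmless `touch` of a marker file.

```sh
#!/bin/sh
# Constructed sample input: the username from the thread, with the command
# inside the backticks replaced by one that only creates a marker file.
WORKDIR=$(mktemp -d)
MARKER="$WORKDIR/substitution-ran"
SAMPLE_NAME="Raj \`touch $MARKER\`Mathur"

# Unsafe pattern (assumed, hypothetical): the name is pasted into a command
# string that is parsed again. Inside the double quotes a single quote is
# inert, which is why testing with ' looks fine, but backticks still start a
# command substitution.
greet_reparsed() {
    eval "printf '%s\n' \"Hello, $1\""
}

# Safe pattern: the name is only ever expanded as a quoted argument. The
# result of a parameter expansion is not scanned for command substitutions,
# so the backticks stay literal text.
greet_as_data() {
    printf '%s\n' "Hello, $1"
}

# Defence in depth: reject anything outside a small allowlist before the
# value reaches any command at all.
valid_username() {
    case $1 in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Stand-alone run: only the safe path is exercised here.
greet_as_data "$SAMPLE_NAME"
if valid_username "$SAMPLE_NAME"; then
    echo "accepted"
else
    echo "rejected: characters outside the allowlist"
fi
```
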
