Could you quote an example or deliver an exploit?
thanks bud
> Hi!
>
>> The correct syntax is [ -n "${var}" ] (notice the quotes).
>> Thanks to Vasilis.
>
> A security notice:
> Don't use more then one expression in one test call.
> Use instant two test calls:
>
> if [ -z "$x" ] && [ -z "$y" ]; then
> echo x and y are empty
> fi
>
> if [ -z "$x" ] || [ -z "$y" ]; then
> echo x or y is empty
> fi
>
> If more then one expression is done with test the comparison is exploitable.
> It's a design error of the UNIX shell and can't be fixed.
>
> Regards
> Alina
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel@lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
