Nicolas Williams wrote: > On Sat, Jun 23, 2007 at 12:31:28PM -0500, Nicolas Williams wrote: > > On Sat, Jun 23, 2007 at 12:18:05PM -0500, Nicolas Williams wrote: > > > Couldn't wait for ZFS delegation, so I cobbled something together; see > > > attachment. > > > > I forgot to slap on the CDDL header... > > And I forgot to add a -p option here: > > > #!/bin/ksh > > That should be: > > > #!/bin/ksh -p
Uhm... that's no longer needed for /usr/bin/ksh in Solaris 10 and ksh93 never needed it. > Note that this script is not intended to be secure, just to keep honest > people honest and from making certain mistakes. Setuid-scripts (which > this isn't quite) are difficult to make secure. Uhm... why ? You only have to make sure the users can't inject data/code. David Korn provided some guidelines for such cases, see http://mail.opensolaris.org/pipermail/shell-discuss/2007-June/000493.html (mainly avoid "eval", put all variable expensions in quotes, set IFS= at the beginning of the script and harden your script against unexpected input (classical example is $ myscript "$(cat /usr/bin/cat)" # (e.g. the attempt to pass a giant binary string as argument))) ... and I am currently working on a new shell code style guideline at http://www.opensolaris.org/os/project/shell/shellstyle/ with more stuff. ---- Bye, Roland -- __ . . __ (o.\ \/ /.o) [EMAIL PROTECTED] \__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer /O /==\ O\ TEL +49 641 7950090 (;O/ \/ \O;) _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
