Follow-up Comment #9, bug #18554 (project findutils):

James, I believe the way I suggested using "sh -c" is perfectly safe.  The
security problem you are thinking of is associated with uses where the {} is
part of the command, e.g.

find ... -exec sh -c 'ls -l {}' \;

which is not portable anyway.  (POSIX says {} only needs to be substituted if
it is a separate argument.)


    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?18554>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/



_______________________________________________
Bug-findutils mailing list
Bug-findutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-findutils

Reply via email to