Some followup examples, with the last one showing how it can fail:
######## shrapnel:/tmp 165---> cat /tmp/nastyHack ; chmod a+x /tmp/nastyHack cd $* # Stand in specified directory ($HOME if none), echo PWD is $PWD # confirm our location, ls -CFl /proc/$$/fd # demo the concept. ######## shrapnel:/tmp 166---> cd / ; /tmp/nastyHack PWD is /home/mod total 0 lrwx------ 1 mod mod 64 Jan 15 17:39 0 -> /dev/pts/3 lrwx------ 1 mod mod 64 Jan 15 17:39 1 -> /dev/pts/3 lrwx------ 1 mod mod 64 Jan 15 17:39 2 -> /dev/pts/3 lr-x------ 1 mod mod 64 Jan 15 17:39 255 -> /tmp/nastyHack* ######## shrapnel:/ 167---> cd / ; /tmp/nastyHack /etc PWD is /etc total 0 lrwx------ 1 mod mod 64 Jan 15 17:39 0 -> /dev/pts/3 lrwx------ 1 mod mod 64 Jan 15 17:39 1 -> /dev/pts/3 lrwx------ 1 mod mod 64 Jan 15 17:39 2 -> /dev/pts/3 lr-x------ 1 mod mod 64 Jan 15 17:39 255 -> /tmp/nastyHack* ######## shrapnel:/ 168---> cd /tmp ; ./nastyHack /usr/local PWD is /usr/local total 0 lrwx------ 1 mod mod 64 Jan 15 17:40 0 -> /dev/pts/3 lrwx------ 1 mod mod 64 Jan 15 17:40 1 -> /dev/pts/3 lrwx------ 1 mod mod 64 Jan 15 17:40 2 -> /dev/pts/3 lr-x------ 1 mod mod 64 Jan 15 17:40 255 -> /tmp/nastyHack* ######## shrapnel:/tmp 169---> cd /var/log ; bash </tmp/nastyHack PWD is /home/mod total 0 lr-x------ 1 mod mod 64 Jan 15 17:40 0 -> /tmp/nastyHack* lrwx------ 1 mod mod 64 Jan 15 17:40 1 -> /dev/pts/3 lrwx------ 1 mod mod 64 Jan 15 17:40 2 -> /dev/pts/3 ######## shrapnel:/var/log 170---> cd /var/log ; cat /tmp/nastyHack | bash PWD is /home/mod total 3 lr-x------ 1 mod mod 64 Jan 15 17:45 0 -> pipe:[364424] lrwx------ 1 mod mod 64 Jan 15 17:45 1 -> /dev/pts/3 lrwx------ 1 mod mod 64 Jan 15 17:45 2 -> /dev/pts/3 _______________________________________________ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
