On Mon, 13 Sep 2021 10:18:45 -0400, Bob Bridges wrote: > >But I keep thinking about the possibilities for malice in any tool I write for >public use, and worry about it. I can't think of any examples, because as >Itschak points out below, it's always going to run under the perpetrator's own >ID, so INTERPRET isn't giving him any capabilities he doesn't already have. >Can anyone point me to an example of how this would become a Bad Thing? I'm >really curious. > The hazard exists if a programmer naively INTERPRETs data supplied by potential (fe)malefactor. The defensive programmer might parse those data and prohibit dangerous constructs, but that parse must be complete.
IBM's OMVS SKULKER script formerly bypassed filenames containing semicolons to prevent an exploit. I pointed out that the exploit remained for filenames containing NewLines. IBM fixed it with an undocumented APAR. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
