>Why? This is not stupid. The pattern could expand to multiple files
>which can be used to exploit holes in setuid shell scripts. For
>example foo* could expand to "foo ;
>evilprogramwhichtakesoverthemachine" and then the box gets f*cked by
>some evil hacker

No, it can't, because that is not how shell expansion works
(the order of expansion prevents such things; metacharacters are
not reinterpreted.  Parsing is done before wildcard expansion.)

James is complaining about the difference between interactive and
non-interactive shells.  Generally, such differences are
counterintuitive.

The security argument also holds for an interactive shell; running
cat >> /tmp/foo* as root interactively apparently still works?

In the C-shell, wildcard expansions in contexts where a single
item is expected result in an error.

Casper
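
The expansion order described in the reply above, as an added example that is not part of the original message: a POSIX sh function that creates a file whose name contains `; touch pwned`, matches it with `foo*`, and reports whether the embedded command ran. The function name, the file names and the `pwned` marker are constructed for illustration.

```shell
#!/bin/sh
# Added example: shows that a glob match containing ';' is passed to a
# command as one argument and is never re-parsed as shell syntax.
glob_injection_demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        # Constructed file names; the first embeds a space, ';' and a command.
        : > 'foo ; touch pwned'
        : > 'foo2'
        # The line below was split into words and operators before foo*
        # is expanded, so every match arrives as exactly one argument.
        set -- foo*
        args=$#
        ls -- foo* > /dev/null
        # Redirection target with two matches, as in "cat >> /tmp/foo*".
        # Depending on the shell this is an "ambiguous redirect" error or
        # a file literally named 'foo*'; the subshell contains the error.
        ( echo data >> foo* ) 2> /dev/null || true
        if [ -e pwned ]; then
            echo "executed args=$args"
        else
            echo "safe args=$args"
        fi
    )
    rc=$?
    rm -rf -- "$dir"
    return "$rc"
}

glob_injection_demo
```

Two arguments for two files means the name with spaces and `;` was neither word-split nor treated as a command separator.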

