Fixing a shell script vulnerability

Time: 2011-02-21 10:30:59

Tags: security shell scripting

What simple fixes would you make for the obvious vulnerability in this script?

#!/bin/tcsh
# foreachfile command
# a shell script to apply command to each file in the current directory

set ListOfFiles = `ls`
set Count = 1
set ListLength = $#ListOfFiles
while ($Count <= $ListLength)
        $argv $ListOfFiles[$Count]
        @ Count = $Count + 1
end

1 answer:

Answer 0: (score: 1)

#!/bin/tcsh
# foreachfile command <<<< You gave away the ending!
# a shell script to apply command to each file in the current directory

foreach f (*)
        "$argv" "$f"
end

You may want to check $argv against a whitelist of allowed commands.
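
The allowlist check suggested in the answer, written out as an added example (not code from the question or the answer). It is a POSIX sh port rather than tcsh; `ALLOWED_CMDS`, `is_allowed` and the command names on the list are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example: foreachfile in POSIX sh with an allowlist check.
# ALLOWED_CMDS and is_allowed are illustrative names, not from the page.

ALLOWED_CMDS="wc file ls"

# Return 0 only if $1 is a bare command name that is on the allowlist.
is_allowed() {
    case "$1" in
        ''|*/*|*[!A-Za-z0-9_.-]*) return 1 ;;   # empty, a path, or odd characters
    esac
    for ok in $ALLOWED_CMDS; do
        [ "$1" = "$ok" ] && return 0
    done
    return 1
}

# Run an allowlisted command once per entry in the current directory.
# Only the command name is checked; extra arguments are passed through as-is.
foreachfile() {
    if ! is_allowed "$1"; then
        echo "foreachfile: command not allowed: $1" >&2
        return 2
    fi
    for f in ./*; do
        # An unmatched glob stays literal ("./*"), so skip non-existent names.
        [ -e "$f" ] || [ -L "$f" ] || continue
        # The ./ prefix keeps a file called "-l" from being read as an option;
        # the quotes keep "a b" or "x;y" as a single argument.
        "$@" "$f"
    done
}

# Usage after sourcing this file:  foreachfile wc -c
```

The glob replaces the backquoted `ls`, so file names are never re-split or re-interpreted by the shell, and the `./` prefix covers the case that quoting alone does not: names beginning with `-`.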