From 38d64950fa6b3475ed5dc7462e995f4672647f7a Mon Sep 17 00:00:00 2001 From: Christoph Anton Mitterer Date: Tue, 22 Nov 2022 00:09:31 +0100 Subject: [PATCH] ssh_filter_btrbk.sh: further harden the shell execution environment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit • In principle the special `IFS`-variable could be set to some unexpected non-standard value. Unsetting it causes its default to be used. • Locales and in particular their character sets are quite complex in POSIX and may have many subtle implications. For example, the pattern matching notation (used in `case`-compound-commands or some forms of parameter expansion) is in principle only defined for character strings. While some shells handle it gracefully, the behaviour is undefined if, for example, the character set is UTF-8 and a variable contains bytes that do not form valid characters in that. Actually, there are quite some more implications. Also, pathnames, in POSIX, are strings of bytes excluding 0x0. For these reasons, the locale is set to the `C`/`POSIX`-locale. Signed-off-by: Christoph Anton Mitterer --- ssh_filter_btrbk.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/ssh_filter_btrbk.sh b/ssh_filter_btrbk.sh index f59462a..41fa2fa 100755 --- a/ssh_filter_btrbk.sh +++ b/ssh_filter_btrbk.sh @@ -1,9 +1,12 @@ #!/bin/sh -set -e -u - +# initialise and sanitise the shell execution environment +unset -v IFS +export LC_ALL=C export PATH='/sbin:/bin:/usr/sbin:/usr/bin' +set -e -u + enable_log= restrict_path_list= allow_list=
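Review bot: The move of `set -e -u` from directly under the shebang to below the `export PATH=...` line is not mentioned in the commit message, which only covers `IFS` and the locale. Please either keep `set -e -u` as the first command so the three sanitising lines also run under it, or add a sentence explaining why it has to come after them. Separately, the new in-script comment `# initialise and sanitise the shell execution environment` does not say why `LC_ALL=C` is needed. The byte-string and pattern-matching rationale lives only in the commit message, so a one-line comment next to `export LC_ALL=C` would keep a later editor from dropping it. Since the variable is exported, it is also worth noting there that every command the filter launches inherits the `C` locale.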