From owner-freebsd-questions@FreeBSD.ORG Tue Jul 26 23:47:43 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 72C0616A41F for ; Tue, 26 Jul 2005 23:47:43 +0000 (GMT) (envelope-from mtbeedee@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.206]) by mx1.FreeBSD.org (Postfix) with ESMTP id A27B343D46 for ; Tue, 26 Jul 2005 23:47:42 +0000 (GMT) (envelope-from mtbeedee@gmail.com) Received: by wproxy.gmail.com with SMTP id i12so50868wra for ; Tue, 26 Jul 2005 16:47:42 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=OlrIiRIqDVuirmqhYHwjkJfVS0DfhPnNI2Sbx2kAaxF2ZysPPJmmkkU1jhvKP7QevNE2QVnldY/TnI4R2dFZwdKEkZ0wEciS5Ux0cjYsl6qAip9FfTMMZYmWpSgh8osf1G1YJ2Ccwa7XDsjbkBm+6nq3veR4alF0lZoSEOcRk7g= Received: by 10.54.43.11 with SMTP id q11mr125544wrq; Tue, 26 Jul 2005 16:47:42 -0700 (PDT) Received: by 10.54.159.14 with HTTP; Tue, 26 Jul 2005 16:47:42 -0700 (PDT) Message-ID: Date: Tue, 26 Jul 2005 19:47:42 -0400 From: Michael Beattie To: Lane In-Reply-To: <200507261849.46220.lane@joeandlane.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <20050726183029.M97284@neptune.atopia.net> <200507261807.23024.lane@joeandlane.com> <200507261849.46220.lane@joeandlane.com> Cc: freebsd-questions@freebsd.org Subject: Re: cat /dev/urandom X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Michael Beattie List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Jul 2005 23:47:43 -0000 On 7/26/05, Lane wrote: > On Tuesday 26 July 2005 18:18, Michael Beattie wrote: > > `cat /dev/urandom` will do just that... it's not also going to run > > code from within that output. > > > > On 7/26/05, Lane wrote: > > > On Tuesday 26 July 2005 17:35, Michael Beattie wrote: > > > > On 7/26/05, Matt Juszczak wrote: > > > > > Hi all, > > > > > > > > > > Quick question. > > > > > > > > > > shell# cat /dev/urandom > > > > > > > > > > can that executed as root cause any harm to the system? What if = a > > > > > random sequence of `rm *` was generated... would it be executed? > > > > > > > > > > I tried that to fix my terminal and forgot it might cause damage = as > > > > > root, even if its just being cat'd to the screen. I thought I sa= w > > > > > some files fly by which would indicate an execution of `ls`.... > > > > > > > > > > Just curious.... > > > > > > > > If you had a file with an rm * in it and you cat'd it would it exec= ute? > > > > _______________________________________________ > > > > > > That's a good answer, but what if the command was: > > > > > > `cat /dev/urandom` > > > > > > could /dev/urandom generate arbitrary and potentially executable code= ? > > > > > > I'm curious, too > > > > > > lane > > > _______________________________________________ > Hmmm.... interesting. >=20 > if I create a file, test, in the current directory like this: >=20 > echo -n ls -al >test >=20 > Then type `cat test` >=20 > I get a directory listing. >=20 > Assuming that /dev/urandom generates something like "ls -al" followed by = a > newline, then it stands to reason that `cat /dev/urandom` will actually > execute the command "ls -al" >=20 > Why is it that this does not hold true for `cat /dev/urandom` ? >=20 > Still curious >=20 Huh. Look at that. I guess I was wrong. I wonder why... Maybe the `` makes it "escape" from the shell and so it cats the file and then when it comes back to the shell it sees the ls -al and runs it.