Bug 519348
Summary: | echo ** list the files in dir | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | yayati <jobsyayati> |
Component: | coreutils | Assignee: | Ondrej Vasik <ovasik> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 11 | CC: | thoger |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-08-26 09:59:20 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
yayati
2009-08-26 09:38:37 UTC
Not security. Thanks for report, but what you see is just shell expansion of argument. Additionally, usually you don't use coreutils utility `echo` but shell builtin echo (I assume you use bash). If you want to prevent shell expansion, use double quotes around the variables (common practice in shell scripts). That's NOTABUG, not security, just expected behaviour, closing. Also not a bug imo. * is shell meta character, that "matches any string, including the empty string" (glob(7)). It is expected that something like this: echo * is expanded by shell to: echo [list of all files in current directory] before command in question (echo here) is run. You can use quotes to prevent expansion. Thanks all of you, I apologise for wasting your valuable time. Regards. |