Red Hat Bugzilla – Bug 141480
bogus "test" in path confuses colorls.csh
Last modified: 2007-11-30 17:07:05 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040113
Description of problem:
The script /etc/profile.d/colorls.csh contains lines like this:
test -f ~/.dircolors && set COLORS=~/.dircolors
If you have an executable named "test" in your path before /usr/bin/test,
it gets executed, producing bizzare results. By default, tcsh sources
/etc/csh.cshrc, which sources all of /etc/profile.d/*.csh, so any attempt
to run a shell runs into it. Moreover, with the default environment
any attempt to run less ultimately tries to run a shell which runs afoul
of the bogus test.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create an executable "test" containing
echo ======test "$@"
2. Put this file somewhere early in your path. For example,
put it in "." if "." is at the start of your path (yes,
I know that's naughty, but that's not the point).
3. Type "tcsh"
Actual Results: ======test -e /etc/DIR_COLORS.xterm-color
======test -f /home/solomon/.dircolors
======test -f ~/.dircolors.xterm-color
... etc ...
Expected Results: A new tcsh should have started.
The script colorls.csh should be rewritten to use "/usr/bin/test" or
"[" instead of "test".
Created attachment 107715 [details]
Please try this replacement.
This version replaces
test COND && STMT
if ( COND ) STMT
which fixes the original reported problem with "test".
1. I can't verify whether it breaks the original purpose of
this script, since I don't use the "color ls" feature.
2. While it fixes the problem with "test", it leaves a
similar problem with "dircolors" and introduces a new one
with "sed". If there is an executable version of either sed
or dircolors earlier in your path than /bin/sed or
/usr/bin/dircolors, you will see the same bizzare results.
IMHO, scripts in /etc/profile.d should only use shell
builtins and absolute paths. A good example is
/etc/profile/lang.csh. A bad example is
/etc/profile/less.csh, which uses relative pathnames for
"cut" and "tr".
I should point out that this problem has serious security
I will attach to this bug report what I consider to be the
correct fixes to these files. I note that your version
replaces a call to egrep with somewhat different logic using
sed instead of egrep. Since I don't understand the reason
for this change, my version will leave egrep alone (except
for specifying an absolute path).
Created attachment 109842 [details]
fixed version of /etc/profile.d/colorls.csh
Created attachment 109843 [details]
fixed version of /etc/profile.d/colorls.sh
Created attachment 109844 [details]
fixed version of /etc/profile.d/less.csh
Created attachment 109845 [details]
fixed version of /etc/profile.d/less.sh
Not all of the above files belong to the bash package. However:
Do not put "." first in your PATH.
> Not all of the above files belong to the bash package.
No, none of them do. The colorls.* files are in coreutils-4.5.3-26 and the
less.* files in less-378-11. They are all part of Red Hat Enterprise Linux.
> Do not put "." first in your PATH.
Yes, as I said before, I know that one isn't supposed to do that. Nonetheless
many people do and placing a stumbling block like this in files that executed
by everybody without warning and before the user's own dot files is just
asking for trouble. Tell me, what's wrong with the fixes I proposed?
The fixes give the illusion of security where there is none. If you put "."
first in your PATH, you must use full pathnames for every command you type, and
so must every shell script you ever use.
The only answer is not to put "." first in your PATH.
I don't agree that an incomplete fix is worse than none, but I see your
point. Thanks for responding.