Ludovic Drolez scribbled on 10/17/06 1:33 AM:
> 
> David L Norris wrote:
>> On Mon, 2006-10-16 at 18:35 -0700, Peter Karman wrote:
>>
>>> I think we might be over-thinking this. If the original issue that stringQuote() 
>>> was trying to address was simply that quotes in filenames cause problems, why 
>>> not just escape quotes, rather than trying to escape everything suspicious?
> 
> We should escape everything suspicious, because I was able to run a 'rm -rf'
> with a file like this "mynicefilename.pdf;rm -rf /". The same applies to & |
> , and more...

Normally I would agree that escaping everything suspicious is a Good Idea, but I 
don't want to in this case and here's why.

Like most things Unix, I think we need to give users enough rope to hang 
themselves. If they want to 'rm -rf /' in their FileFilter configuration, I 
don't want to stop them. After all, swish-e config files are used for indexing 
only, not searching, so there's no chance of unknown users injecting malicious 
code into a config file and trashing your system. You control the indexing, you 
control the config file. Here's the gun; here's the bullet.

If there are characters like & and ; in your files, well, besides my pity, you 
have my encouragement to use something like a pipe through sed or the like in 
your FileFilter command to fix those issues. Or better yet, use DirTree.pl and 
-S prog.

FileFilter .pdf pdftotext "`echo '%p' | perl -ne \
's/\\\\[&|;]/\\\\\\\\$1/g;print'` -"

hey, I know it's ugly. But so is & in a filename. ;)

Having said all that I'm open to having my mind changed. Convince me.

pek
-- 
Peter Karman  .  http://peknet.com/  .  peter(at)not-real.peknet.com