• deadbeef79000@lemmy.nz
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    9 months ago

    rm -rf ${var}/ is a disaster waiting to happen.

    Always do rm -rf "${var:?}/" so that the script aborts if the variable is empty. Or better yet rm -rf "./${var:?}/".

    Edited to add quotes. Always quote a path: it might have spaces in it, without quotes that will become multiple paths! Which would also have avoided the particular bug in question.

    • Samueru@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      In this case the issue was that a change between kde5 and kde6 let to the variable being defined as somepath / (notice the space).

    • mumblerfish@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      9 months ago

      Is there not also a way to disallow empty variables in the script, I think it is set -u? Then you don’t have to keep thinking “should I add a :? here because if empty it may lead to disaster” all the time. Might be even safer.

  • Troy@lemmy.ca
    link
    fedilink
    arrow-up
    0
    ·
    9 months ago

    That reminds me…

    In circa 1995 I was running a dial upBBS service – as a teenager. So if course, it was full of bootlegged video games and such, and people would dial in, download a game, log off.

    Someone uploaded Descent or something like that. But they had put "deltree /y C:" or similar into a batch file, used a BAT2COM converter program, then a COM2EXE program, then padded the file size to approximately the right size with random crap (probably just using APPEND)… And uploaded it. Well, fortunately for the rest of my users, I say the game and said: oh, that’s neat, I should try it and copied it to another computer over my internal network and launched it. It started deleting files right away and I hit CTRL-C to abort. I lost only a few dozen files.

    Banned the user, deleted the package. Got lucky.