For those that like to use Wildcards - Please Read
-
-
But this stuff has been known for decades. No harm in reminding people of old vulnerabilities and best practices, but it's certainly not another heart-bleed.
-
Clever but hard to exploit in reality. The command part of the command line is already set and can not be changed by the glob expansion so it's limited to changing the behaviour of known commands. Many times you're better off by not using wildcards at all, people tend to write silly commands like
grep -r foobar *etc. where it's better to replace the wildcard with a dot (.) and let grep(1) do the expansion and recursion itself. Also if you want to protect against such tricks you can use the end of arguments list -argument```alias rm='/bin/rm -i --'
That would no longer try to interpret file names like '-rf' as options if run as 'rm *'
