help-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-bash] safe parsing of configuration files?


From: Jerry
Subject: Re: [Help-bash] safe parsing of configuration files?
Date: Sat, 4 May 2013 17:50:48 -0400

On Sat, 04 May 2013 21:08:31 +0000
adrelanos articulated:

> Hi!
> 
> Is there a bulletproof way to parse configuration files using bash?
> 
> Layout:
> 
> (spaces)
> 
>    # comments...
>    var1="something"
> 
>    # more comments...
> 
>    var2="something else"
> 
>    var3="Some
> 
> plain text
> 
> also includes spaces and empty lines
> ..."
> 
> (spaces)
> 
> How can I read an untrusted config file while preventing all kinds of
> code execution from it?
> 
> Most competent on that question appeared:
> http://wiki.bash-hackers.org/howto/conffile
> 
> "This filter only allows NAME=VALUE and comments in the file, though
> it doesn't prevent all methods of executing code. I will address that
> later." - This later never happened or I failed to find it.

I have been using this func

I have been using this function for a few years now in a few scripts
that I maintain. So far, it seems to be working quite well.

function readconf () {
while read line; do
# skip comments
  [[ ${line:0:1} == "#" ]] && continue
# skip empty lines
  [[ -z "${line}" ]] && continue
  eval ${line}
done < "${CONFIG_FILE}"
}

YMMV

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________




reply via email to

[Prev in Thread] Current Thread [Next in Thread]