[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-bash] safe parsing of configuration files?
From: |
Jerry |
Subject: |
Re: [Help-bash] safe parsing of configuration files? |
Date: |
Sat, 4 May 2013 17:50:48 -0400 |
On Sat, 04 May 2013 21:08:31 +0000
adrelanos articulated:
> Hi!
>
> Is there a bulletproof way to parse configuration files using bash?
>
> Layout:
>
> (spaces)
>
> # comments...
> var1="something"
>
> # more comments...
>
> var2="something else"
>
> var3="Some
>
> plain text
>
> also includes spaces and empty lines
> ..."
>
> (spaces)
>
> How can I read an untrusted config file while preventing all kinds of
> code execution from it?
>
> Most competent on that question appeared:
> http://wiki.bash-hackers.org/howto/conffile
>
> "This filter only allows NAME=VALUE and comments in the file, though
> it doesn't prevent all methods of executing code. I will address that
> later." - This later never happened or I failed to find it.
I have been using this func
I have been using this function for a few years now in a few scripts
that I maintain. So far, it seems to be working quite well.
function readconf () {
while read line; do
# skip comments
[[ ${line:0:1} == "#" ]] && continue
# skip empty lines
[[ -z "${line}" ]] && continue
eval ${line}
done < "${CONFIG_FILE}"
}
YMMV
--
Jerry ♔
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________