v9 (at) fakehalo (dot) us [email concealed] wrote:
> I may be rusty with knowledge about mirc (say almost 10 years out of date)...but, in what situation would the pipe ('|') ever be processed from a variable, even if it was read from a mp3 ID3?

This is probably a bigger concern for *nix scripts, especially of the
homebrew variety where the owner hacks something out in 20 minutes and
never looks at it again. While the attacker might not have access to the
source code, they shouldn't have any problems defeating simple
substitution onto a command line.

-- m. tharp

[ reply ]