IPv6 address/port format
Michael H. Warfield
mhw@wittsend.com
Fri, 14 Jan 2000 14:44:41 -0500
On Fri, Jan 14, 2000 at 12:34:27PM -0500, Nathan Dorfman wrote:
> On Fri, Jan 14, 2000 at 12:02:51PM -0500, Perry E. Metzger wrote:
> > Nathan Dorfman <nathan@rtfm.net> writes:
> > > [ and ] are metacharacters in the POSIX-specified standard Unix shell;
> > > as well as bash, bash2, ksh, csh, tcsh and zsh. Since this list
> > > comprises something like 99% of all Unix shells used, characters
> > > marked as reserved by *all* of them are a really bad choice.
> > Who the hell cares? No one is going to enter in address literals
> > except in extreme circumstances anyway. They're a mile long.
> Bull. Network administrators will still have to deal with addresses.
> They'd probably also prefer to be able to do this from the Unix shell
> without a menagerie of backslashes and single quotes.
Bull... Network administrators are ALREADY use to escaping known
and various metacharacters all the way back to "bang paths" in E-Mail
addresses under csh (bash wasn't around back in those days and sh didn't
have ! history) and for UUCP. [Yes, I'm that $$#@ old that I remember and
actually used some of that stuff...] It's gotten so it's second nature
to either single quote or escape anything with anything even resembling
a meta character in it no matter which shell I'm using.
That being said, there is the potential for one very real gotcha
with this scheme... If one of the URL's gets fed to a perl script, there
is the potential for trouble. Why? Because many of the perl scripts are
now (hopefully) being coded to watch out for and prohibit certain meta
characters because several of them have been used to open security holes.
I don't see where [] is likely to open up a security hole but processing
in a regex could get "amusing". :-) This actually goes beyond perl,
since a lot of apps are scanning for meta characters and other script-kiddie
amusements, but perl CGI scripts seem to be the most likely to get burnt.
Even sendmail got broken into several times through meta characters tricks,
though I don't see this being a problem with sendmail (the port issue that
is).
This is also much more likely to come up than someone entering in
a raw address URL on a command line.
> > .pm
> --
> Nathan Dorfman <nathan@rtfm.net> The statements and opinions in my
> Unix Admin @ Frontline Communications public posts are mine, not FCC's.
> "The light at the end of the tunnel is the headlight of an approaching
> train." --/usr/games/fortune
Mike
--
Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com
(The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!