[tlug] Security question with grep/egrep

[Jim Breen <Jim.Breen@example.com>]

Greetings,

A question about the security/insecurity of something I am 
proposing to do with a CGI program.

I have a huge collection of Japanese/English sentence pairs, which I
have linked to my dictionary server. One option I am playing with is
to allow users to do greppy searches on English or Japanese strings.
>From a form the user would enter a string, then the CGI program would
do a system() call of:

        egrep -i "<data from the form>" examples_file | <display processing>

Now the dangers of this are pretty clear, since it has the potential for
a user to put in something like " /dev/null > /dev/null ; rm -f *
and the server will be in deep, deep kuso.

I'd like users to have the flexibility of regex searches available to
them, but removing any security holes is paramount.

The obvious thing is to ban user strings with a " in them, thus stopping
the premature termination of the pattern. Another is to write the 
pattern to a file, and use the -f option. (A wee bit slower, but
possibly MUCH safer, since the shell won't look at the input string.)

What is the opinion of the assembled TLUG wisdom on this? Is bumping off
the " enough? Are there other characters I should exclude? Is the -f
option safer?

Cheers

Jim

-- 
Jim Breen                                http://www.csse.monash.edu.au/~jwb/
Computer Science & Software Engineering,                Tel: +61 3 9905 9554
Monash University, VIC 3800, Australia                  Fax: +61 3 9905 5146
(Monash Provider No. 00008C)                ジム・ブリーン@モナシュ大学