Re: [HACKERS] TODO list updated

> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> >> You can't securely do
> >> echo $PASSWORD | backend
> >> or
> >> echo $PASSWORD > allegedly-secure-temp-file
> 
> > This is secure.  echo is a shell builtin, and does not invoke a separate
> > process with arguments.
> 
> echo is a builtin in ksh and derivatives, but I don't think it's safe
> to assume it is a builtin everywhere...

I believe it is safe.  csh and sh have it built in.  Does anyone know of
a shell that does not have echo builtin?  How do you tell?  Not sure.


--  Bruce Momjian                        |  http://www.op.net/~candle maillist@candle.pha.pa.us            |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026