Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/5/84; site zaphod.UUCP
Path: utzoo!watmath!clyde!cbosgd!ihnp4!alberta!sask!zaphod!bobd
From: bobd@zaphod.UUCP (Bob Dalgleish)
Newsgroups: net.news,net.wanted.sources
Subject: Re: Shar format found dangerous
Message-ID: <474@zaphod.UUCP>
Date: Mon, 21-Apr-86 16:56:59 EST
Article-I.D.: zaphod.474
Posted: Mon Apr 21 16:56:59 1986
Date-Received: Wed, 23-Apr-86 21:51:12 EST
References: <214@randvax.UUCP>
Reply-To: bobd@zaphod.UUCP (Bob Dalgleish)
Distribution: net
Organization: Develcon Electronics, Saskatoon, SK
Lines: 15
Keywords: shar danger scary path rbin
Xref: watmath net.news:4762 net.wanted.sources:2213

I guess that I am a little unclear why we can't make "shar" safe.

A) Never (never, never,never,never,never,never,never) unshar anything as
   root!

B) For you paranoids out there (and us in here), set the path for
   "unshar" to directories called /rbin and /usr/rbin.  Each of them has
   links to the requisite programs in /bin and /usr/bin that are required
   for shar to work: sed, test, wc, echo, cat, and mkdir.  Daring
   people might even include mv in this list.  Better yet is to have the
   unshar program enforce the path.
-- 
[Forgive me, Father, for I have signed ...]
Bob Dalgleish		...ihnp4!{alberta!}sask!zaphod!bobd
(My mother has disclaimed any knowledge of me)