28
  • 3
    @mirabilos, yes, but the LHS needs not not to be quoted, so there's no compelling reason not to quote it there (if we're to take the conscious decision to quote by default as it seems to be the most sensible thing to do). Also note that [[ $* = "$var" ]] is not the same as [[ "$*" = "$var" ]] if the first character of $IFS is not space with bash (and also mksh if $IFS is empty though in that case I'm not sure what $* is equal to, should I raise a bug?). Commented Dec 9, 2014 at 14:22
  • 1
    Yeah, you can quote by default there. Please no more bugs about field splitting right now, I’ve still got to fix those I know about (from you and others) first, before we can re-evaluate this. Commented Dec 9, 2014 at 15:20
  • 3
    @Barmar, assuming you meant foo='bar; rm *', no it won't, it will however list the content of the current directory which may count as an information disclosure. print $foo in ksh93 (where print is the replacement for echo that addresses some of its shortcomings) does have a code injection vulnerability though (for instance with foo='-f%.0d z[0$(uname>&2)]') (you actually need print -r -- "$foo". echo "$foo" is still wrong and not fixable (though generally less harmful)). Commented Dec 10, 2014 at 22:48
  • 4
    I'm no bash expert, but I've been coding in it for over a decade. I used quotes a lot, but mainly to handle embedded blanks. Now, I'll use them a lot more! It would be nice if someone would expand on this answer to make it a little easier to absorb all the fine points. I got a lot of it, but I missed a lot too. It's a long post already, but I know there's a lot more here for me to learn. Thanks! Commented Dec 16, 2014 at 6:33
  • 1
    +1 for implying an unquoted variable is as bad as murder <3 Commented Jan 25, 2022 at 22:22
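
The behaviour described in the comment about foo='bar; rm *' can be checked directly. The script below is an added example, not part of the thread: it shows that the unquoted expansion is word-split and globbed (so file names leak into the output) but never parsed as a command, and that the quoted printf form prints the value as is. The scratch directory, the file names notes.txt and secret.txt, and the function names are constructed for the demonstration.

```shell
#!/bin/sh
# Constructed demo: an unquoted expansion is split and globbed, never parsed as code.

# Create a scratch directory holding two constructed files; print its path.
demo_dir() {
    d=$(mktemp -d) || return 1
    : > "$d/notes.txt"
    : > "$d/secret.txt"
    printf '%s\n' "$d"
}

# Unquoted: $foo splits into "bar;" "rm" "*", then "*" is expanded to the
# file names in the current directory. The ";" stays a literal character.
unquoted_output() {
    ( cd "$1" && foo='bar; rm *' && echo $foo )
}

# Quoted, with printf instead of echo: the value is printed byte for byte.
quoted_output() {
    ( cd "$1" && foo='bar; rm *' && printf '%s\n' "$foo" )
}

# Number of files still present, to confirm that no rm ever ran.
files_left() {
    ( cd "$1" && ls | wc -l | tr -d ' ' )
}

dir=$(demo_dir)
echo "unquoted: $(unquoted_output "$dir")"
echo "quoted:   $(quoted_output "$dir")"
echo "files left: $(files_left "$dir")"
rm -rf "$dir"
```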