In the world of bourne shell scripting, IFS is a special environment variable. Its name stands for "Internal Field Separator".

This variable is used, by the shell, to determine how to split lines into words. Its default setting is "<space><tab><newline>".

This variable is one of the reasons that suid shell scripts are considered to be bad. There were many old vulnerabilities that involved an attacker changing IFS and then executing a script, causeing lines to be interpreted differently than originally expected by th eperson who wrote the script, usually allowing the attacker to execute an arbitrary command.

Of course, a simple work around is to explicitly set the IFS at the top of your script, if the script will be suid. Generally this is a moot point today, since many systems do not allow suid shell scripts.

Log in or register to write something here or to contact authors.