Nick Craig-Wood wrote: > > What if I entered "; rm -rf * ;" as my pattern? > Assuming the script isn't setuid, this would do no more damage than the user could do directly on the command line. I agree, when dealing with web applications or setuid programs, direct shell access isn't a good idea. Pete