IFS Attack

Created: February 2, 2004
Last Updated: February 2, 2004

Version 0.1
Author: Ping Chen



Level of Difficulty: Moderate

Completion Time: 1 week

Programming involved: Yes


Objectives

The objective of this project is to study an IFS attack.


Project 
In a Unix/Linux environment, the IFS (internal field separator) variable can be set to indicate which characters separate input words. The benefit of this variable is that you can use it to change the behavior of the shell in interesting ways. For example, you could use the following shell script to get a list of account names and their home directories:

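#!/bin/sh
# Print each account name and its home directory from /etc/passwd.

# Split each input line on ":" instead of whitespace.
IFS=":"

while read -r acct passwd uid gid gcos homedir shell
do
    echo "$acct   $homedir"
done < /etc/passwd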

By setting IFS to use / as a separator, an attacker could cause a shell file or program to execute unexpected commands.

Most modern versions of the shell will reset their IFS value to a normal set of characters when invoked. Thus, shell files will behave properly. However, not all do. Failure to reset the IFS variable is not itself a security problem. The difficulty arises when a shell file is executed on behalf of a user, or if some command is executed from within a program using the system() or popen() calls. If an attacker can execute the program as a privileged user and reset the search path, then he can compromise security.

Write a shell program to determine whether your system is immune to an IFS attack.
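One way to approach the check, as an added example that is not part of the original project text: start the shell under test with IFS=/ in its environment, then look at both the IFS value it ends up with and how it splits an unquoted path. The function names and the default target /bin/sh are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the original project text.
# Function names and the default target /bin/sh are assumptions.

# Start the shell under test with IFS=/ in its environment and print,
# as hex, the IFS value that shell actually uses.
child_ifs_hex() {
    env IFS=/ "$@" -c 'printf "%s" "$IFS" | od -An -tx1' | tr -d ' \n'
}

# Same setup, but observe behaviour: count the fields an unquoted
# expansion of a path is split into. One field means "/" is not a separator.
child_field_count() {
    env IFS=/ "$@" -c 'p=/bin/ls; set -- $p; echo $#'
}

# Report on one shell. Arguments are the command that starts it,
# e.g. "check_shell /bin/sh". Returns 0 if IFS was reset, 1 otherwise.
check_shell() {
    hex=$(child_ifs_hex "$@")
    count=$(child_field_count "$@")
    if [ "$hex" != "2f" ] && [ "$count" = "1" ]; then
        echo "$*: IFS reset on startup (IFS bytes: $hex)"
        return 0
    fi
    echo "$*: IFS inherited from environment (IFS bytes: $hex, fields: $count)"
    return 1
}

# Default to /bin/sh when no shell is named on the command line.
[ $# -gt 0 ] || set -- /bin/sh
check_shell "$@"
```

The script never changes its own IFS; only the child process sees IFS=/, so the checker behaves the same on a system that fails the test.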

Resources

Book: Security in Computing - Charles P. Pfleeger


Glossary