That is terrifying !!! Any script with "rm -rf $FOO/" runs "rm -rf /" when $FOO isn't set, right? So is the lesson here not to put anything that could end up as "rm -rf /" in a script? From my SQL work, I recall the distinction between blank and null. So when $FOO isn't set, isn't the value null? Or is it blank? And shouldn't it be impossible to execute something containing a null value?
Generally, in string replacement in programming/scripting, if you are adding blank or null into the existing string, this has the same net effect of adding nothing to the string, so it is left unchanged. What should be done is if the input string (in this case $FOO) needs to be some value - you should do a null or nothing/blank check before using it ... you should always validate all user input.
That seems so. But finding nothing aka null ought to be distinct from finding something that happens to be blank. In SQL, null values cannot be compared, concatenated, etc. Yes, doing isnull or checking length is always prudent. But uncaught null values should always break scripts, rather than be interpreted as blank. In this case, "rm -rf [null]/" should do nothing except report something like "not found".
