Input Field Separators Explained

For many command line interpreters (“shell”) of Unix operating systems, the input field separators or internal field separators or shell variable holds characters used to separate text into tokens.

The value of, (in the bash shell) typically includes the space, tab, and the newline characters by default. These whitespace characters can be visualized by issuing the "declare" command in the bash shell or printing with commands like printf %s "$IFS" | od -c, printf "%q\n" "$IFS" or printf %s "$IFS" | cat -A (the latter two commands being only available in some shells and on some systems).

From the Bash, version 4 man page:

The shell treats each character of as a delimiter, and splits the results of the other expansions into words on these characters.If is unset, or its value is exactly, the default, then sequences of,, and at the beginning and end of the results of the previous expansions are ignored, and any sequence of characters not at the beginning or end serves to delimit words.If has a value other than the default, then sequences of the whitespace characters and are ignored at the beginning and end of the word, as long as the whitespace character is in the value of (an whitespace character).Any character in that is not whitespace, along with any adjacent whitespace characters, delimits a field. A sequence of whitespace characters is also treated as a delimiter. If the value of is null, no word splitting occurs.

IFS abbreviation

According to the Open Group Base Specifications, is an abbreviation for "input field separators."[1] A newer version of this specification mentions that "this name is misleading as the IFS characters are actually used as field terminators."[2] However is often referred to as "internal field separators."

Exploits

IFS was usable as an exploit in some versions of Unix. A program with root permissions could be fooled into executing user-supplied code if it ran (for instance) system("/bin/mail") and was called with set to, in which case it would run the program "" (in the current directory and thus writable by the user) with root permissions.[3] This has been fixed by making the shells not inherit the IFS variable.

Notes and References

  1. Web site: 2004. Shell Command Language. 2020-10-12. pubs.opengroup.org.
  2. Web site: sh. 2020-10-12. pubs.opengroup.org.
  3. Web site: Hackers Hut: Environment variables.