The file named - that froze my terminal

Context

First week, first real challenge. I'm doing Bandit on OverTheWire, a series of Linux shell levels starting from zero. Level 1 → 2 should have taken 30 seconds: SSH in, read a file, grab the password.

The file is named -.

I type cat -. The terminal freezes. Nothing happens. No error, no output. Just a blinking cursor waiting for something.

I spent a few minutes thinking my SSH connection had dropped.

What I did

Here's exactly what happened:

bandit1@bandit:~$ ls
-
bandit1@bandit:~$ cat -

The terminal starts waiting for keyboard input. cat - is a Unix convention: - means "read from standard input (stdin)", not from a file. The command is waiting for me to type something.

The fix: add ./ in front so - is treated as a file path, not stdin.

bandit1@bandit:~$ cat ./-
[password retrieved]

It also works with input redirection:

bandit1@bandit:~$ cat < -
[password retrieved]

Or with -- to signal the end of options:

bandit1@bandit:~$ cat -- -
[password retrieved]

What I learned

The shell interprets arguments before passing them to the command.

When I type cat -, the shell doesn't hand the character - to cat as a filename. It follows a POSIX convention: - as an argument means stdin. No error, no warning. That's just the expected behaviour.

By adding ./, I'm giving the shell a path (./ = current directory), so it has nothing to interpret. It's clearly a file.

In regular development, nobody really names files - or starting with --. In security, these are the exact edge cases that can trip up a poorly written script or show how a system really handles its inputs.

First level, first lesson: never assume an argument will be treated as a filename.
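The ./ prefix from above, applied inside a script. This is an added example, not part of the original post: the function names (read_file, naive_read, make_fixture, demo) are hypothetical and the files are constructed samples. It also covers a name that looks like an option (-n), which goes one step beyond the single - file in the level.

```shell
#!/bin/sh
# Added example (not from the original post). Files are constructed samples.

# read_file NAME: print a file even if NAME is "-" or looks like an option.
# A relative NAME gets "./" in front, so cat sees a path, never "-" or "-n".
# stdin is tied to /dev/null so the call cannot sit waiting on the keyboard.
read_file() {
    case "$1" in
        /*) cat "$1" </dev/null ;;
        *)  cat "./$1" </dev/null ;;
    esac
}

# naive_read NAME: the fragile pattern, NAME handed to cat untouched.
naive_read() {
    cat "$1" </dev/null 2>/dev/null
}

# make_fixture DIR: create two awkwardly named sample files in DIR.
make_fixture() {
    printf 'constructed-secret\n' > "$1/-"
    printf 'second-file\n' > "$1/-n"
}

# demo: run both readers against the fixture in a scratch directory.
demo() (
    d=$(mktemp -d) || exit 1
    make_fixture "$d"
    cd "$d" || exit 1
    for name in - -n; do
        printf 'naive %-3s -> [%s]\n' "$name" "$(naive_read "$name")"
        printf 'safe  %-3s -> [%s]\n' "$name" "$(read_file "$name")"
    done
    cd / && rm -rf "$d"
)

demo
```

The naive reader returns nothing for either name and reports no error, which is why this kind of bug goes unnoticed in a script.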

qyrn

learning pentest • film enjoyer • contact@qyrn.dev