Heads up: possible BASH security vulnerability

Ian Malone ibmalone at gmail.com
Fri Sep 26 10:10:09 UTC 2014


On 25 September 2014 20:11, jd1008 <jd1008 at gmail.com> wrote:
>
> On 09/25/2014 01:50 AM, Ian Malone wrote:
>>
>> On 25 September 2014 01:36, jd1008 <jd1008 at gmail.com> wrote:
>>>
>>> On 09/24/2014 06:27 PM, Chris Adams wrote:
>>>>
>>>> Once upon a time, jd1008 <jd1008 at gmail.com> said:
>>>>>
>>>>> So, is this one of the ways javascripts exec bash to install malware
>>>>> or do other nasty stuff?
>>>>
>>>> This has nothing to do with Javascript.  It is probably more serious to
>>>> servers, such as web servers, than to desktops.
>>>
>>> Well and good.
>>> Are you saying that a java script, being executed on your system
>>> via the browser, cannot also fork and exec bash?
>>
>> That in itself is not the vulnerability; the vulnerability is that
>> starting bash with environment variables that are potentially set by
>> an untrusted user can execute code. The LWN write-up is quite good:
>> http://lwn.net/Articles/613032/
>>
> Thanx Ian.
> I wonder if the BSD sh has the same vulnerability.
>

Mac OS X does! It's sort of a BSD. I don't have a real BSD to look at;
it seems some of them use true sh
(http://bsdwiki.reedmedia.net/wiki/Create_a_simple_Bourne_shell_script.html).
This being a bash problem, it's unlikely, but anyone using one might
want to check for peace of mind.

-- 
imalone
http://ibmalone.blogspot.co.uk
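
A local self-check along the lines suggested in the message above, added here as an example and not part of the original thread. The function name `check_shell`, the variable name `probe`, the marker string and the list of shells are all assumptions made for illustration; the probe relies on the behaviour described in the thread, where an affected shell runs code placed in an environment variable at startup.

```sh
#!/bin/sh
# Report whether a shell on this machine runs code found in an environment
# variable at startup. The probe only echoes a harmless marker string.

# check_shell SHELL -> prints "missing", "vulnerable" or "not-vulnerable"
check_shell() {
    shell=$1
    marker="imported-env-code-ran"   # constructed marker, no special meaning

    # Shell not installed: nothing to test.
    if ! command -v "$shell" >/dev/null 2>&1; then
        echo "missing"
        return 0
    fi

    # The variable's value looks like a function definition followed by a
    # trailing command. A fixed shell ignores it; an affected shell executes
    # the trailing echo while starting up, before running ':' (a no-op).
    out=$(env "probe=() { :; }; echo $marker" "$shell" -c ':' 2>/dev/null) || true

    case $out in
        *"$marker"*) echo "vulnerable" ;;
        *)           echo "not-vulnerable" ;;
    esac
}

# Check the shells commonly present on Linux, OS X and BSD systems.
for s in bash sh dash ksh zsh; do
    printf '%-5s %s\n' "$s" "$(check_shell "$s")"
done
```

On systems where `sh` is a link to bash, the `sh` row reflects the bash result, so an affected bash shows up twice.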

