[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

rbash 2.05b security hole

From: Howard Atlas
Subject: rbash 2.05b security hole
Date: Thu, 14 Nov 2002 17:14:19 -0600 (CST)

rbash is not supposed to allow any commands that include a "/".  See below:

Display version of bash:
      piggy$ /bin/bash --version
      GNU bash, version 2.05b.0(1)-release (i686-pc-linux-gnu)
      Copyright (C) 2002 Free Software Foundation, Inc.
Show what shell we are using:
      piggy$ echo $0
Run a command using "/" in it?? not allowed in rbash??
      piggy$ /usr/bin/whoami
Show what our path is:
      piggy$ echo $PATH

reply via email to

[Prev in Thread] Current Thread [Next in Thread]