[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Restricted Bash - Not so restrictive (in 4.2 as well)
From: |
Sarnath K - ERS, HCLTech |
Subject: |
RE: Restricted Bash - Not so restrictive (in 4.2 as well) |
Date: |
Thu, 12 Jan 2012 17:02:26 +0530 |
Thanks for the education!
I am planning a workaround. If I hit success, I will write again - hoping you
guys won't mind...
-----Original Message-----
From: Pierre Gaston [mailto:pierre.gaston@gmail.com]
Sent: Thursday, January 12, 2012 4:30 PM
To: Sarnath K - ERS, HCLTech
Cc: bug-bash@gnu.org; bash@packages.debian.org
Subject: Re: Restricted Bash - Not so restrictive (in 4.2 as well)
On Thu, Jan 12, 2012 at 12:51 PM, Sarnath K - ERS, HCLTech
<k_sarnath@hcl.com> wrote:
> Oops.. It actually works! That's a great catch!
>
> I thought "redirection" is not supported in restricted mode though..!
> I just checked... It is mostly related to "output" re-direction.
>
> Hmm......I think I am going to tinker "bash" source code to disable the
> "echo" builtin. :-)
>
> Any ideas?
>
I don 't think it's a good idea, there are many many many tricks like
this ( printf, read, mapfile....), or for instance just run:
"$(<file)"
and you will get the file as an error message.
As hinted at the beginning securing a shell like you want should
probably be discussed elsewhere, maybe on a debian list.
::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------
The contents of this e-mail and any attachment(s) are confidential and intended
for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates.
Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the
opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification,
distribution and / or publication of
this message without the prior written consent of the author of this e-mail is
strictly prohibited. If you have
received this email in error please delete it and notify the sender
immediately. Before opening any mail and
attachments please check them for viruses and defect.
-----------------------------------------------------------------------------------------------------------------------
- Restricted Bash - Not so restrictive (in 4.2 as well), Sarnath K - ERS, HCLTech, 2012/01/11
- Re: Restricted Bash - Not so restrictive (in 4.2 as well), Jonathan Nieder, 2012/01/11
- Re: Restricted Bash - Not so restrictive (in 4.2 as well), Chet Ramey, 2012/01/11
- RE: Restricted Bash - Not so restrictive (in 4.2 as well), Sarnath K - ERS, HCLTech, 2012/01/11
- Re: Restricted Bash - Not so restrictive (in 4.2 as well), Jonathan Nieder, 2012/01/11
- RE: Restricted Bash - Not so restrictive (in 4.2 as well), Sarnath K - ERS, HCLTech, 2012/01/12
- Re: Restricted Bash - Not so restrictive (in 4.2 as well), Pierre Gaston, 2012/01/12
- RE: Restricted Bash - Not so restrictive (in 4.2 as well), Sarnath K - ERS, HCLTech, 2012/01/12
- Re: Restricted Bash - Not so restrictive (in 4.2 as well), Pierre Gaston, 2012/01/12
- RE: Restricted Bash - Not so restrictive (in 4.2 as well),
Sarnath K - ERS, HCLTech <=