[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Arbitrary command execution in shell - by design!

From: Robert Elz
Subject: Re: Arbitrary command execution in shell - by design!
Date: Sat, 30 Oct 2021 03:52:20 +0700

    Date:        Fri, 29 Oct 2021 11:59:02 -0700
    From:        L A Walsh <bash@tlinx.org>
    Message-ID:  <617C4476.2010605@tlinx.org>

  | Bash is a command_line console language designed to execute commands 
  | locally in the context of the user.  Local user access to a console,
  | from a security standpoint, is generally equated with root-access,
  | game over as far as being secure.

Sorry, but this, and everything that follows from this, is utter nonsense.

Once upon a time (back when shells were invented) all command access was
via a shell, on the console (not necessarily by a user with root privs,
though console access on some systems needed to be restricted for other
reasons - depends upon the way the hardware works) or on some other terminal
connected to the system.

There were no GUIs.   There were no terminals capable of displaying anything
other that text.   In the beginning, all terminals printed on paper.

Bash is a (slightly more recent than that, but not all that much) 
implementation of such a shell (with a whole bunch of extensions added
over what was in the initial shells ... some of them, IMO, very useful,
some of them a complete waste of space (again, IMO)).

Any thought that only root users use shells is simply absurd.

  | People have the wrong expectations,
  | if they expect the 'language that allows you all-access to your machine'
  | to be 'secure' when random users are permitted to use it.

The shell is a multi-purpose language - it only allows "all-access" when
the privileges of the user permit execution of privileged commands.
There is absolutely nothing in the shell itself (including bash and all
its extensions, similarly ksh93, or zsh, other wildly extended shells)
which grants any kind of privileged access whatever.

It is perfectly safe for anyone to run any normal shell script, they cannot
do that way anything they could not do any other way.

Where there can be issues, is when a script being run by one user accepts
input by another (running scripts on one system using data received over
a network connection is the obvious example of this, but there are others)
is where extreme caution is needed.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]