[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Arbitrary command execution in shell - by design!

From: Léa Gris
Subject: Re: Arbitrary command execution in shell - by design!
Date: Sat, 30 Oct 2021 10:53:14 +0200
User-agent: Telnet/1.0 [tlh] (PDP11/DEC)

Le 30/10/2021 à 07:41, L A Walsh écrivait :

On 2021/10/29 12:33, Greg Wooledge wrote:
On Fri, Oct 29, 2021 at 11:59:02AM -0700, L A Walsh wrote:
How much lameness Chet has introduced into bash to accommodate
the wrong users.

This is quite unfair.
Huh?  It's true--look at how functions have to be stored in
the environment because someone was able to hack "their
own system" where they already have unrestricted shell access.

Expect to see more of those misplaced security rants now that Bash becomes popular with git-bash and bash in Windows environment.

Indeed, if a bash script is able to be abused, it is not bash's fault, neither the script's fault, but the system's security policies granting those privileges to the user running the script.

Léa Gris

reply via email to

[Prev in Thread] Current Thread [Next in Thread]