[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I've found a vulnerability in bash

From: Chet Ramey
Subject: Re: I've found a vulnerability in bash
Date: Wed, 17 Nov 2021 09:04:24 -0500
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.3.0

On 11/17/21 4:16 AM, Marshall Whittaker wrote:

> This shouldn't happen beacuse you can drop a file and then redirect
> other code for example calling a script if you only have access to drop
> a file.  Say a cronjob was running every hour, and it did rm * on some
> folder, by expansion, you could expand it to -riv or whatever you
> wanted and redirect program flow from there.

That's just bad scripting.

``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]