[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I've found a vulnerability in bash

From: Kerin Millar
Subject: Re: I've found a vulnerability in bash
Date: Fri, 19 Nov 2021 12:12:39 +0000
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.3.1

On 19/11/2021 10:53, Marshall Whittaker wrote:
You could argue that bash should parse filenames globbed from * that start
with - and exclude them specifically, so I'll have to respectfully

One could, but it would not make for a compelling argument. Define GLOBIGNORE, if you insist.

  Also, it is not the programs doing the parsing of *, that is a
function of bash.  Try typing * in just your terminal/command line and see
what happens

Yes. However, the presented 'exploit' hinges upon the behaviour of a selected external program. Luckily for you, any that uses getopt(3) will support -- as a means of concluding option recognition, rm(1) included. In the case that you are using a program where option arguments cannot be reliably separated from non-option arguments, specifying the glob as ./* will commonly suffice.

A short whitepaper on it has been made public at:
complete with a mini Po

It's perplexing that your post relies upon the use of -- to get the point across, without acknowledging its import. At any rate, this does not constitute a vulnerability on the part of bash, much less a zero-day.

Kerin Millar

reply via email to

[Prev in Thread] Current Thread [Next in Thread]