bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Potential Bash Script Vulnerability


From: admin
Subject: Re: Potential Bash Script Vulnerability
Date: Mon, 08 Apr 2024 14:23:18 +0300
User-agent: Roundcube Webmail/1.6.0

On 2024-04-08 14:02, Greg Wooledge wrote:
On Mon, Apr 08, 2024 at 12:40:55PM +0700, Robert Elz wrote:
or perhaps better just:

  main() { ... } ; main "$@"

You'd want to add an "exit" as well, to protect against new lines of
code being appended to the script.

Yes that is correct. it's far easier to add new lines then to edit the content unnoticed, since you would have to know where you can insert or replace something, eg. a comment.

Btw wouldn't it be possible (and worth) temporarily revoking write access to the user while it's being executed as root, and restoring original rights after execution? The problem isn't really how it's executed, but that it's writable during execution... This could of course leave the temporary rights if the process is killed...


Tibor



reply via email to

[Prev in Thread] Current Thread [Next in Thread]