[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential Bash Script Vulnerability
From: |
Greg Wooledge |
Subject: |
Re: Potential Bash Script Vulnerability |
Date: |
Mon, 8 Apr 2024 07:33:54 -0400 |
On Mon, Apr 08, 2024 at 02:23:18PM +0300, admin@osrc.rip wrote:
> Btw wouldn't it be possible (and worth) temporarily revoking write access to
> the user while it's being executed as root, and restoring original rights
> after execution?
I think that would be a huge overreach. It would also lead to a whole
lot of breakage.
Imagine that we implement this change. It would have to be done in
the shell, since the kernel simply offloads script execution to the
interpreter. So, your change would essentially add code to the shell
which causes it to change the permissions on a script that it's
reading, if that script is given as a command-line argument, and if
the shell's EUID is 0. Presumably it would change the permissions
back to normal at exit.
Now imagine what happens if the shell is killed by a SIGKILL, or if
the system simply crashes during the script's execution. The script
is left with altered permissions.
- Re: Potential Bash Script Vulnerability, (continued)
- Re: Potential Bash Script Vulnerability, Kerin Millar, 2024/04/07
- Re: Potential Bash Script Vulnerability, admin, 2024/04/07
- Re: Potential Bash Script Vulnerability, Greg Wooledge, 2024/04/07
- Re: Potential Bash Script Vulnerability, Kerin Millar, 2024/04/07
- Re: Potential Bash Script Vulnerability, Robert Elz, 2024/04/07
- Re: Potential Bash Script Vulnerability, John Passaro, 2024/04/08
- Re: Potential Bash Script Vulnerability, Kerin Millar, 2024/04/08
- Re: Potential Bash Script Vulnerability, Robert Elz, 2024/04/08
- Re: Potential Bash Script Vulnerability, Greg Wooledge, 2024/04/08
- Re: Potential Bash Script Vulnerability, admin, 2024/04/08
- Re: Potential Bash Script Vulnerability,
Greg Wooledge <=
- Re: Potential Bash Script Vulnerability, Andreas Schwab, 2024/04/08
- Re: Potential Bash Script Vulnerability, admin, 2024/04/08
- Message not available
- Re: Potential Bash Script Vulnerability, Oğuz, 2024/04/08
- Message not available
- Re: Potential Bash Script Vulnerability, Robert Elz, 2024/04/08
- Re: Potential Bash Script Vulnerability, Oğuz, 2024/04/08
- Re: Potential Bash Script Vulnerability, Robert Elz, 2024/04/08
- Re: Potential Bash Script Vulnerability, Oğuz, 2024/04/08
Re: Potential Bash Script Vulnerability, Martin D Kealey, 2024/04/08