bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Detecting invocation as /bin/sh ?


From: Alexandre Ferrieux
Subject: Re: Detecting invocation as /bin/sh ?
Date: Mon, 29 Sep 2014 16:53:42 -0700 (PDT)
User-agent: G2/1.0

On Tuesday, September 30, 2014 1:40:55 AM UTC+2, Chet Ramey wrote:
> 
> > Forget about posix mode then: bash -p (privileged) offers a lean-and-mean 
> > variant which pretty much satisfies anybody needing "just sh". However, 
> > there is no way to store an option in a symbolic link, so all distributions 
> > doing "sh -> bash" are bound to perpetuate the danger (of 
> > "eval-from-the-env"). So it would seem normal for some of them to move away 
> > from bash as the default sh.
> 
> Are we talking about the same thing?
> Privileged mode is intended for use when bash might run setuid (a bad idea
> in any case).  It affects what bash will use from the environment -- yes,
> including shell functions -- and inhibits setting the euid to the ruid.
> It doesn't have any other effect.  It certainly doesn't turn off any bash
> features.

It *does* disable that embarrassing nightmare of a misfeature that is function 
import: 

   if (privmode == 0 && ... && STREQN ("() {", string, 4))
          ...
            parse_and_execute(...)

So, from the perspective of a "just the sh, Ma'am"  goal, it is a pretty good 
contender. Regardless of the faith one can have in the recent patches, shunning 
that 'parse_and_execute(environment)' altogether sounds orders of magnitude 
safer.

-Alex


reply via email to

[Prev in Thread] Current Thread [Next in Thread]