|
| From: | Léa Gris |
| Subject: | Re: Arbitrary command execution in shell - by design! |
| Date: | Sat, 30 Oct 2021 10:53:14 +0200 |
| User-agent: | Telnet/1.0 [tlh] (PDP11/DEC) |
Le 30/10/2021 à 07:41, L A Walsh écrivait :
On 2021/10/29 12:33, Greg Wooledge wrote:On Fri, Oct 29, 2021 at 11:59:02AM -0700, L A Walsh wrote:How much lameness Chet has introduced into bash to accommodate the wrong users.This is quite unfair.Huh? It's true--look at how functions have to be stored in the environment because someone was able to hack "their own system" where they already have unrestricted shell access.
...Expect to see more of those misplaced security rants now that Bash becomes popular with git-bash and bash in Windows environment.
Indeed, if a bash script is able to be abused, it is not bash's fault, neither the script's fault, but the system's security policies granting those privileges to the user running the script.
-- Léa Gris
| [Prev in Thread] | Current Thread | [Next in Thread] |