|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Bash Bug
Andy Church (achurch
DRAGONFIRE.NET)Wed, 21 Apr 1999 20:39:48 EDT
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Adam Herscher: "Re: AOL Instant Messenger URL Crash"
- Previous message: Pavel Kankovsky: "Re: truncate("x", -1)"
- Maybe in reply to: Shadow: "Bash Bug"
- Next in thread: Guy Cohen: "Re: Bash Bug"
>Figured while everyone was working with bash, I might as well make this
>one public(I apologize if this is old news, apparently it hasnt been fixed
>if so).
>
>If a user creates a directory with a command like
>
>mkdir "\ `echo -e \ "echo + +> ~\57.rhosts\ " > x; source x; rm -f \x\ ` "
>
>and someone cd's into said directory, either by accident, or whatever,
>then it will cause it to actually execute.
Just to clarify, this only happens if PS1 (the bash prompt) contains
\w or \W _and_ a prompt is displayed containing the bogus directory name.
This means unattended shell scripts are safe. As a workaround, use `pwd`
in place of \w.
Tested with bash 1.14 (it's the only one I have handy).
--Andy Church
achurchdragonfire.net
http://achurch.dragonfire.net/
- Next message: Adam Herscher: "Re: AOL Instant Messenger URL Crash"
- Previous message: Pavel Kankovsky: "Re: truncate("x", -1)"
- Maybe in reply to: Shadow: "Bash Bug"
- Next in thread: Guy Cohen: "Re: Bash Bug"