I've found a vulnerability in bash
From: Marshall Whittaker
Subject: I've found a vulnerability in bash
Date: Wed, 17 Nov 2021 04:22:18 -0500
User-agent: Evolution 3.36.5-0ubuntu1
Software: bash
Version: 5.0.17(1)-release
--- SNIP ---
[marshall@jerkon]{04:09 AM}: [~/bashful] $ touch -- '--version'
[marshall@jerkon]{04:09 AM}: [~/bashful] $ touch a && mkdir b
[marshall@jerkon]{04:09 AM}: [~/bashful] $ ls -l
total 4
-rw-rw-r-- 1 marshall marshall 0 Nov 17 04:09 a
drwxrwxr-x 2 marshall marshall 4096 Nov 17 04:09 b
-rw-rw-r-- 1 marshall marshall 0 Nov 17 04:09 --version
[marshall@jerkon]{04:09 AM}: [~/bashful] $ mv * b
mv (GNU coreutils) 8.30
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Written by Mike Parker, David MacKenzie, and Jim Meyering.
[marshall@jerkon]{04:09 AM}: [~/bashful] $ rm *
rm (GNU coreutils) 8.30
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Written by Paul Rubin, David MacKenzie, Richard M. Stallman,
and Jim Meyering.
[marshall@jerkon]{04:09 AM}: [~/bashful] $
--- SNIP ---
This shouldn't happen because you can drop a file and then redirect
other code for example calling a script if you only have access to drop
a file. Say a cronjob was running every hour, and it did rm * on some
folder, by expansion, you could expand it to -riv or whatever you
wanted and redirect program flow from there, say blocking the removal
of sensitive temporary files.
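
The transcript above, restated as a check a script author can run (an added example, not part of the original message): it shows that an unqualified `*` hands a name such as `--version` to the utility as an argument beginning with `-`, while `./*` combined with `--` does not. The function names and the temporary-directory fixture are constructed for illustration.

```shell
#!/bin/sh
# Constructed demo: every path lives in a fresh temporary directory.

# Print names in directory $1 that begin with '-'; an unqualified * would
# pass these to a utility where it expects options.
find_dash_names() {
    ( cd -- "$1" || exit 1
      for f in ./-*; do
          [ -e "$f" ] || [ -L "$f" ] || continue   # skip the unmatched pattern
          printf '%s\n' "${f#./}"
      done )
}

# Count how many of the given arguments a utility could parse as options.
count_optionlike() {
    n=0
    for a in "$@"; do
        case $a in -*) n=$((n + 1)) ;; esac
    done
    echo "$n"
}

# Remove the regular files in $1. './' keeps every expanded name from starting
# with '-', and '--' ends option parsing; either is enough alone, both are shown.
safe_clean() {
    ( cd -- "$1" || exit 1
      for f in ./*; do
          if [ -f "$f" ]; then rm -f -- "$f"; fi
      done )
}

demo() {
    d=$(mktemp -d) || return 1
    # Same layout as the transcript: files '--version' and 'a', directory 'b'.
    ( cd -- "$d" && touch -- --version a && mkdir b ) || return 1
    echo "names starting with '-': $(find_dash_names "$d")"
    echo "option-like args from *:   $(cd -- "$d" && count_optionlike *)"
    echo "option-like args from ./*: $(cd -- "$d" && count_optionlike ./*)"
    safe_clean "$d"
    echo "left after safe_clean: $(ls -A "$d")"
    rm -rf -- "$d"
}
demo
```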