[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential Bash Script Vulnerability
|
From: |
Oğuz |
|
Subject: |
Re: Potential Bash Script Vulnerability |
|
Date: |
Mon, 8 Apr 2024 19:35:02 +0300 |
On Mon, Apr 8, 2024 at 5:32 PM Robert Elz <kre@munnari.oz.au> wrote:
> The effect is that sharing stdin between the shell script, and other
> commands (than read), is almost certainly never going to work,
Why not? It works fine with other shells
$ cat tst.sh
cat <<EOF >tst.c
#include <sys/types.h>
#include <unistd.h>
int main(void) {
lseek(0, 5, SEEK_CUR);
}
EOF
cc tst.c
./a.out
exit
echo WORKS
$
$ for sh in bash bash-3.2.57 'busybox sh' dash gwsh ksh mksh oksh osh
pdksh yash zsh; do echo $sh; $sh <tst.sh; done
bash
WORKS
bash-3.2.57
WORKS
busybox sh
dash
gwsh
WORKS
ksh
WORKS
mksh
WORKS
oksh
WORKS
osh
pdksh
WORKS
yash
WORKS
zsh
$
- Re: Potential Bash Script Vulnerability, (continued)
- Re: Potential Bash Script Vulnerability, Robert Elz, 2024/04/08
- Re: Potential Bash Script Vulnerability, Greg Wooledge, 2024/04/08
- Re: Potential Bash Script Vulnerability, admin, 2024/04/08
- Re: Potential Bash Script Vulnerability, Greg Wooledge, 2024/04/08
- Re: Potential Bash Script Vulnerability, Andreas Schwab, 2024/04/08
- Re: Potential Bash Script Vulnerability, admin, 2024/04/08
- Message not available
- Re: Potential Bash Script Vulnerability, Oğuz, 2024/04/08
- Message not available
- Re: Potential Bash Script Vulnerability, Robert Elz, 2024/04/08
- Re: Potential Bash Script Vulnerability,
Oğuz <=
- Re: Potential Bash Script Vulnerability, Robert Elz, 2024/04/08
- Re: Potential Bash Script Vulnerability, Oğuz, 2024/04/08
Re: Potential Bash Script Vulnerability, Martin D Kealey, 2024/04/08
Re: Potential Bash Script Vulnerability, Chet Ramey, 2024/04/08