[Linux-aus] What's the real story about Shellshock and Bash and vulnerabilities in Linux and OpenSource?
Anthony Thyssen
A.Thyssen at griffith.edu.au
Mon Sep 29 12:42:34 EST 2014
On Sun, 28 Sep 2014 13:36:24 +1000
Russell Coker <russell at coker.com.au> wrote:
| I'd like to have command line options specifying the names of all functions and environment variables that may be inherited. Bash could default to the current behavior but cgi-bin scripts etc could disable most variables etc.
|
| Or just have bash check argv [0] and if it's name is "sbash" just disable most such functionality.
Actually I would prefer a 'import' builtin, rather than any command
line switch. That is functions are not imported until you actually
explicitly request one!
Anthony Thyssen ( System Programmer ) <A.Thyssen at griffith.edu.au>
--------------------------------------------------------------------------
"Oh dear, I think you'll find reality's on the blink again."
-- Marvin The Paranoid Android
--------------------------------------------------------------------------
Anthony's Castle http://www.ict.griffith.edu.au/anthony/
More information about the linux-aus
mailing list