Bash recursion insecurity

Kevin Day thekevinday at
Sun Sep 24 08:46:51 PDT 2006

> > some people, perhaps isolated embeded systems, may actually need
> > recursion in this manner
> > I can see a fix for this by doing #ifdefs and a compile time
> > --enable-recursive-calls
> Making such a patch is similar to a patch that would allow/disallow
> installing the "rm" program when installing coreutils just because the
> command can be used for removing important files on a system.

i figured there was something I overlooked.
perhaps, then using locks. on scripts themselves might solve this.
If it is on a locked state, it cannot be called by it's children or itself.

Kevin Day

More information about the hlfs-dev mailing list