Bash recursion insecurity
cmouse at desteem.org
Mon Sep 25 00:25:50 PDT 2006
On Sun, Sep 24, 2006 at 10:28:12PM +0400, Vladimir A. Pavlov wrote:
> I don't really know if the patch you suggest is really needed...
> Sorry :(
> My thoughts are if an attacker, say, can execute bash scripts on the
> server then recursive calls is the last thing he will try to break the
> server with.
> Nothing but perfection
Bsides, you might actually need to run several levels of recursion. Just
consider a script that recursively walks filesystem from root.
and so on... this should *NEVER* be broken.
> FAQ: http://www.linuxfromscratch.org/faq/
> Unsubscribe: See the above information page
More information about the hlfs-dev