[dns-operations] ShellShock exploit through the DNS
Jim Reid
jim at rfc1035.com
Tue Oct 14 17:53:14 UTC 2014
On 14 Oct 2014, at 12:46, P Vixie <paul at redbarn.org> wrote:
>> As "/bin/sh" is almost always a symlink to "/bin/bash", and many O/S
>> scripts assume this to be the case (i.e. use bash specific features,
>> without declaring "#!/bin/bash"), so simply making "/bin/sh" a link to
>> (say) "/bin/ash" is probably not an option.
>
> Apple and redhat err'd in using bash to implement the /bin/sh interface. They should switch to ash like BSD or to the dash derivative of ash like Debian.
??
wallace% uname -a
Darwin wallace.rfc1035.com 13.4.0 Darwin Kernel Version 13.4.0: Sun Aug 17 19:50:11 PDT 2014; root:xnu-2422.115.4~1/RELEASE_X86_64 x86_64
wallace% ls -lsi /bin/*sh
11551653 1 -r-xr-xr-x 1 root wheel 1228336 1 Oct 09:04 /bin/bash
9655244 1 -rwxr-xr-x 2 root wheel 357984 20 May 22:50 /bin/csh
9611979 1 -r-xr-xr-x 1 root wheel 1315248 20 May 22:49 /bin/ksh
11551654 1 -r-xr-xr-x 1 root wheel 1228416 1 Oct 09:04 /bin/sh
9655244 1 -rwxr-xr-x 2 root wheel 357984 20 May 22:50 /bin/tcsh
9655904 1 -rwxr-xr-x 1 root wheel 530320 20 May 22:50 /bin/zsh
More information about the dns-operations
mailing list