[dns-operations] ShellShock exploit through the DNS
Mike Hoskins (michoski)
michoski at cisco.com
Tue Oct 14 18:02:17 UTC 2014
-----Original Message-----
From: Jim Reid <jim at rfc1035.com>
Date: Tuesday, October 14, 2014 at 1:53 PM
To: Paul Vixie <paul at redbarn.org>
Cc: "dns-operations at dns-oarc.net" <dns-operations at dns-oarc.net>
Subject: Re: [dns-operations] ShellShock exploit through the DNS
>On 14 Oct 2014, at 12:46, P Vixie <paul at redbarn.org> wrote:
>
>>> As "/bin/sh" is almost always a symlink to "/bin/bash", and many O/S
>>> scripts assume this to be the case (i.e. use bash specific features,
>>> without declaring "#!/bin/bash"), so simply making "/bin/sh" a link to
>>> (say) "/bin/ash" is probably not an option.
>>
>> Apple and redhat err'd in using bash to implement the /bin/sh
>>interface. They should switch to ash like BSD or to the dash derivative
>>of ash like Debian.
>
>??
>wallace% uname -a
>Darwin wallace.rfc1035.com 13.4.0 Darwin Kernel Version 13.4.0: Sun Aug
>17 19:50:11 PDT 2014; root:xnu-2422.115.4~1/RELEASE_X86_64 x86_64
>wallace% ls -lsi /bin/*sh
>11551653 1 -r-xr-xr-x 1 root wheel 1228336 1 Oct 09:04 /bin/bash
> 9655244 1 -rwxr-xr-x 2 root wheel 357984 20 May 22:50 /bin/csh
> 9611979 1 -r-xr-xr-x 1 root wheel 1315248 20 May 22:49 /bin/ksh
>11551654 1 -r-xr-xr-x 1 root wheel 1228416 1 Oct 09:04 /bin/sh
> 9655244 1 -rwxr-xr-x 2 root wheel 357984 20 May 22:50 /bin/tcsh
> 9655904 1 -rwxr-xr-x 1 root wheel 530320 20 May 22:50 /bin/zsh
# uname -a
Darwin etwork-mac 13.4.0 Darwin Kernel Version 13.4.0: Sun Aug 17 19:50:11
PDT 2014; root:xnu-2422.115.4~1/RELEASE_X86_64 x86_64
# /bin/sh --version
GNU bash, ...
More information about the dns-operations
mailing list