...
The only system with a real compromise was OS-X, the /bin/sh being a
bash.
$ bash --version
GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13)
Copyright (C) 2007 Free Software Foundation, Inc.
$ env '__BASH_FUNC<ls>()'="() { echo Game Over; }" /bin/sh -c ls
Game Over
b) the security fix is not pushed to all Macs by default.
Thanks,
John
(OpenBSD ships with bash uninstalled in any case; ksh for
users and sh is sh.)
cheers,
Douglas
On 30/09/14 3:10 AM, Douglas Ray wrote:
> The latest bash patchlevel 27 (a day and a half ago) at savannah seems
> to fix things - 4.3.27 (yes, anonymous checkout).
>
> [back up your originals]
> git clone git://git.savannah.gnu.org/bash.git
> ./configure
> make
> make test
> sudo make install
>
> (default install is in /usr/local/bin/, you probably want it in /bin)
>
> I'd be interested to know on which systems this compiles / tests
> without errors.
>
> cheers
> Douglas
> _______________________________________________
> luv-main mailing list
> luv-main@luv.asn.au
> http://lists.luv.asn.au/listinfo/luv-main
>
>
_______________________________________________
luv-main mailing list
luv-main@luv.asn.au
http://lists.luv.asn.au/listinfo/luv-main