
Firstly, that test is for CVE-2014-6271. People should also be aware of CVE-2014-7169, which circumvents the first attempt at a fix. I found this explanation of how it works helpful: http://serverfault.com/a/631379/134053

Secondly, don't assume that Debian's default symlink to /bin/sh to /bin/dash means you are not vulnerable to holes in bash. There are a lot of scripts and system calls around which explicitly invoke `bash` rather than `sh`. Also, if a user uses /bin/bash as their shell, then this bug gives a way to circumvent command restrictions on a given ssh key, as configured in ~/.ssh/authorized_keys.

With FreeBSD systems, most would have bash installed, but like Debian, /bin/sh is not bash.

I'm not surprised that Macs have bash installed, but is /bin/sh equal to bash, or is it something else?

Andrew McNaughton

On 26/09/14 12:25, Peter Ross wrote:
From: "Joh Lindley" <joh.lindley@dcwest.net.au>
Is Apple's sh a bash? I thought they are using FreeBSD's userland (FreeBSD's sh is not affected [at least the tests are negative and there is no SA])

It would appear so.

    sh-3.2$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
    vulnerable
    this is a test

You are calling the bash [not /bin/sh] here.
It shows that you have a bash installed.
Regards Peter
_______________________________________________ luv-main mailing list luv-main@luv.asn.au http://lists.luv.asn.au/listinfo/luv-main
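The distinctions drawn in this thread (the quoted test runs `bash`, not `/bin/sh`, and scripts can invoke bash explicitly whatever `/bin/sh` is) can be checked with the script below. It is an added example, not part of any message in the thread; the function names are hypothetical, and it tests CVE-2014-6271 only.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.
# Covers CVE-2014-6271 only; CVE-2014-7169 needs its own test.

# Ask the shell at path $1 what it is. Prints "bash <version>", "not-bash"
# or "missing". Sees through symlinks and renamed copies such as /bin/sh.
shell_kind() {
    [ -x "$1" ] || { echo missing; return 0; }
    v=$(env -i "$1" -c 'echo "${BASH_VERSION:-}"' 2>/dev/null) || true
    if [ -n "$v" ]; then echo "bash $v"; else echo not-bash; fi
}

# Run the test quoted in the thread against the shell at path $1 itself,
# rather than against whichever "bash" is first on PATH.
check_6271() {
    out=$(env x='() { :;}; echo vulnerable' "$1" -c 'echo this is a test' 2>/dev/null) || true
    case "$out" in
        vulnerable*)      echo vulnerable ;;
        "this is a test") echo not-vulnerable ;;
        *)                echo unknown ;;   # shell missing or failed to run
    esac
}

# List files under directory $1 whose first line is a bash shebang: scripts
# that run bash regardless of what /bin/sh points to.
bash_scripts() {
    find "$1" -type f 2>/dev/null | sort | while IFS= read -r f; do
        first=$(head -n 1 "$f" 2>/dev/null | tr -d '\000')
        case "$first" in
            '#!'*bash*) echo "$f" ;;
        esac
    done
}

# Report on /bin/sh and on bash if installed; optional $1 is a directory to scan.
for s in /bin/sh "$(command -v bash 2>/dev/null)"; do
    [ -n "$s" ] || continue
    echo "$s: $(shell_kind "$s"), CVE-2014-6271: $(check_6271 "$s")"
done
if [ -n "${1:-}" ]; then bash_scripts "$1"; fi
```

A `/bin/sh` that reports `not-bash` only clears `/bin/sh`; any path listed by `bash_scripts` still depends on the installed bash being patched.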