Bugtraq mailing list archives
Clarification
From: njs3 () DOC IC AC UK (Niall Smart)
Date: Tue, 2 Jun 1998 11:36:42 +0100
In my response to the patch posted for bash I stated that the same functionality could be more easily achieved by removing the --noprofile option and putting the equivalent commands in /etc/profile. This claim is completely bogus, as bash will only read /etc/profile when invoked with *argv[0] == '-' or with the --login option. Many thanks to the innumerable people who reminded me of this. This does not change the main point I was trying to make, namely that getting around this "intrusion detection" technique is trivial. Niall
Current thread:
- Patch to prevent setuid bash shells aleph1 () NATIONWIDE NET (May 30)
- <Possible follow-ups>
- Re: Patch to prevent setuid bash shells Niall Smart (Jun 01)
- Re: Patch to prevent setuid bash shells Aleph One (Jun 01)
- Clarification Niall Smart (Jun 02)
- Re: Patch to prevent setuid bash shells Ryan Veety (Jun 02)
- PPTP Vulnerability Aleph One (Jun 02)
- Re: Patch to prevent setuid bash shells Aleph One (Jun 01)