Bugtraq mailing list archives
Re: Bug in bash <= 4.3 [security feature bypassed]
From: Daryl Tester <dt-bugtraq () handcraftedcomputers com au>
Date: Thu, 05 Jun 2014 19:32:36 +0930
On 03/06/14 23:46, Hector Marco wrote:
> Recently we discovered a bug in bash. After some time after reporting it to bash developers, it has not been fixed.
...
> Any comments about this issue are welcomed. Details at: http://hmarco.org/bugs/bash_4.3-setuid-bug.html

I'm only going by the patch presented above, so ...

1. The program should be calling setgid() before setuid() (which is
   another common class of security mistake).

2. Why is exit() returning values greater than 255? It's not capable of
   doing that under (most) Unix environments.

-- 
Regards,
Daryl Tester
Handcrafted Computers Pty. Ltd.
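
Both points raised in the reply above, as an added C example that is not part of the original message or of the patch it discusses: a privilege drop that handles the group before the user and checks every step, and a helper that shows what a parent sees when a child exits with a value above 255. The function names `drop_to_real_ids` and `status_seen_by_parent` are hypothetical, and the drop assumes a set-id-root binary on a POSIX system.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently drop set-id privileges back to the real IDs (assumes a
 * set-id-root binary). Group first: setgid() only resets the saved
 * set-group-ID while the process still has root; after setuid() it can
 * no longer fully give the group up. Returns 0 on success, -1 on failure. */
int drop_to_real_ids(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    if (setgid(rgid) != 0)               /* 1. group, while still privileged */
        return -1;
    if (setuid(ruid) != 0)               /* 2. user, always last */
        return -1;
    /* 3. verify the drop took effect and root cannot be regained */
    if (getegid() != rgid || geteuid() != ruid)
        return -1;
    if (ruid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Exit status a parent observes when its child calls _exit(code):
 * only the low 8 bits survive, so 256 reads as 0 ("success"). */
int status_seen_by_parent(int code)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0)
        _exit(code);
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("exit(256) -> %d\n", status_seen_by_parent(256));
    printf("exit(300) -> %d\n", status_seen_by_parent(300));
    if (drop_to_real_ids() != 0) { perror("privilege drop"); return 1; }
    return 0;
}
```

A caller that cannot drop privileges should abort rather than continue, and error paths should use exit codes in the range 1 to 255 so that a failure is never reported as 0.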