
Bash gets shellshocked


Posted Oct 3, 2014 9:39 UTC (Fri) by cortana (subscriber, #24596)
In reply to: Bash gets shellshocked by Siosm
Parent article: Bash gets shellshocked

That's not a hole in dash, it's a hole in anything that calls another program without cleaning its environment. In the example given, VMware's vmware-mount utility, which is setuid, does not clean PATH before executing lsb_release. This is inexcusably bad, and makes me wonder what other horrors lurk within that codebase.
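
Added example (not part of the comment above and not code from any of the programs mentioned): one way a privileged program can clean its environment before running a helper such as lsb_release. The trusted PATH value, the allowlist of variables, and the function names `build_clean_env` and `run_helper` are assumptions made for this sketch.

```c
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Assumed for this sketch: a fixed trusted PATH and a small allowlist. */
static const char SAFE_PATH[] = "PATH=/usr/sbin:/usr/bin:/sbin:/bin";
static const char *const KEEP[] = { "TERM", "LANG", "TZ" };

/* Fill out[] (capacity cap) with a fresh environment: the fixed PATH plus
 * allowlisted variables copied from inherited[]. Returns the entry count,
 * or -1 if cap is too small. The caller's PATH, LD_*, IFS and anything
 * else not on the allowlist is dropped rather than "fixed up". */
int build_clean_env(char *const inherited[], const char *out[], size_t cap)
{
    size_t n = 0;
    if (cap < 2) return -1;
    out[n++] = SAFE_PATH;
    for (size_t i = 0; inherited && inherited[i]; i++) {
        for (size_t k = 0; k < sizeof KEEP / sizeof KEEP[0]; k++) {
            size_t len = strlen(KEEP[k]);
            const char *e = inherited[i];
            if (strncmp(e, KEEP[k], len) != 0 || e[len] != '=') continue;
            /* Skip values shaped like exported shell functions. */
            if (strncmp(e + len + 1, "()", 2) == 0) continue;
            if (n + 1 >= cap) return -1;
            out[n++] = e;
        }
    }
    out[n] = NULL;
    return (int)n;
}

/* Run a helper by absolute path with the clean environment. Returns its
 * exit status, or -1 on failure. execve() performs no PATH search, so the
 * caller-controlled PATH never decides which binary runs. */
int run_helper(const char *abs_path, char *const argv[], char *const inherited[])
{
    const char *env[8];
    int status;
    if (abs_path[0] != '/' || build_clean_env(inherited, env, 8) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execve(abs_path, argv, (char *const *)env);
        _exit(127); /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}
```

The helper's absolute path has to come from the program's own build or install configuration, never from the caller.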



Bash gets shellshocked

Posted Oct 3, 2014 9:52 UTC (Fri) by Siosm (subscriber, #86882)

We can call it a "lack of security feature" if you like, but that won't change the fact that this allowed local root escalation where bash would not have. Whether or not VMware is crapware doesn't really matter here.

I'm definitely not pro-bash, nor anti-dash, but switching shells because one vulnerability was found is "fear driven security".


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds