oss-sec mailing list archives
Re: Fwd: Non-upstream patches for bash
From: Sven Kieske <s.kieske () mittwald de>
Date: Mon, 29 Sep 2014 08:39:59 +0200
On 27/09/14 17:06, Solar Designer wrote:
> Of course, what input is trusted vs. not may be unclear. Apparently, 20
> years ago bash developers considered all env vars to be trusted input,
> regardless of the names, which is how we got here.
Well, from a scientific point of view, this was already solved, if I'm interpreting bash correctly.

See page 12 in this paper: http://langsec.org/ShotgunParsersShmoo.pdf

To quote for the lazy:

'Input sanitization: “you can suppress ‘bad stuff’ in input+output to make it safe” Reality: Halting problem. Deal with it.'

This should be true for all Turing-complete input languages (which I assume bash is capable of).

So you cannot "filter" Turing-complete input languages unless you restrict your language so hard that you in fact create another class of languages, e.g. just allow regex, which would create a context-free language[1], which would circumvent whole classes of exploits.

Also cc'ing langsec-list, as they are interested in getting this stuff fixed in real applications.

[1] https://en.wikipedia.org/wiki/Context-free_language

--
Regards
Sven Kieske

System administrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Managing director: Robert Meyer
Tax no.: 331/5721/1033, VAT ID: DE814773217, HRA 6640, AG Bad Oeynhausen
General partner: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
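The approach argued for in the message above, recognizing a deliberately restricted input language in full instead of filtering a Turing-complete one, sketched as an added example that is not part of the original post or of bash. The variable names, the per-variable grammars and the sample values are assumptions chosen for illustration.

```python
import re

# Hypothetical per-variable grammars (assumptions for this example). Each is a
# regular language, so a value is either recognized in full or rejected.
GRAMMARS = {
    "LANG": re.compile(r"[A-Za-z]{2,3}(_[A-Z]{2})?(\.[A-Za-z0-9-]{1,16})?"),
    "TZ": re.compile(r"[A-Za-z]{1,14}(/[A-Za-z_]{1,14}){0,2}"),
    "REQUEST_METHOD": re.compile(r"GET|HEAD|POST"),
    "CONTENT_LENGTH": re.compile(r"0|[1-9][0-9]{0,9}"),
}


def recognize_env(untrusted):
    """Split untrusted name/value pairs into (accepted, rejected).

    Default deny: a name without a grammar is rejected, and a value is accepted
    only if the whole string belongs to that variable's language. Nothing is
    rewritten or "cleaned"; input is recognized completely or dropped.
    """
    accepted, rejected = {}, {}
    for name, value in untrusted.items():
        grammar = GRAMMARS.get(name)
        # fullmatch(), not match() with a trailing "$": in Python "$" also
        # matches just before a final newline, which would let "UTC\n" through.
        if grammar is not None and isinstance(value, str) and grammar.fullmatch(value):
            accepted[name] = value
        else:
            rejected[name] = value
    return accepted, rejected


# Constructed sample input, as a gateway might receive it from a remote client.
SAMPLE = {
    "LANG": "en_US.UTF-8",
    "CONTENT_LENGTH": "42",
    "TZ": "Europe/Berlin\n",                    # trailing newline: not in the language
    "REQUEST_METHOD": "GET; echo constructed",  # extra text after a valid prefix
    "HTTP_USER_AGENT": "constructed-agent/1.0", # no grammar defined: dropped
}

if __name__ == "__main__":
    ok, dropped = recognize_env(SAMPLE)
    print("pass to child process:", ok)
    print("rejected names:", sorted(dropped))
```

Only the accepted dictionary would be handed to a child process as its environment; the rejected entries are better logged than repaired.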