oss-sec mailing list archives

Re: CVE-2014-6271: remote code execution through bash


From: Chet Ramey <chet.ramey () case edu>
Date: Mon, 29 Sep 2014 19:50:52 -0400

On 9/27/14, 10:15 PM, Eric Blake wrote:

> Are you 100% sure that posixly_correct is correctly initialized at this
> point in parsing the incoming environment variables, regardless of
> whether you invoked '/bin/sh', 'bash -o posix', or 'POSIXLY_CORRECT=1
> bash'?

For POSIXLY_CORRECT: yes.  Very early on in main() the shell looks for
POSIXLY_CORRECT and POSIX_PEDANTIC in the environment and sets
posixly_correct to 1 if either one is found.

For bash -o posix: yes.  Options (including long options like --posix)
are parsed well before the environment is read.

For /bin/sh: no.  As documented, the shell enters posix mode after it
reads the startup files.

Chet
-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    chet () case edu    http://cnswww.cns.cwru.edu/~chet/

