Hullo Joel,
I can think of an attack, just provide me with ip address of the host
:) and a root account password and login :)
I agree that most systems have other abilities to do the (almost)
same, but yet, all systems (that is to say many more than have nc)
have bash, and while roots on those w
introduced with
http://git.savannah.gnu.org/cgit/bash.git/commit/lib/sh/unicode.c?id=495aee44
builtin echo -e
through ansictr(), and u32cconv() may end up calling wctomb(). however
this function may return -1 when it can not be converted into a
multibyte sequence. This value is then returrned to i
my bad, should have noticed that git head was in 4.2 and not the testing branch.
cheers.
On 11/13/13 4:03 PM, bla blamail wrote:
> introduced with
> http://git.savannah.gnu.org/cgit/bash.git/commit/lib/sh/unicode.c?id=495aee44
>
> builtin echo -e
> through ansictr(), and u32cconv() may end up calling wctomb(). however
> this function may return -1 when it can not be converted into a
>
The following surprised me. I thought line 4 of the output, and certainly
line 5 of the output, should have said "0 /dev/fd/63" too. Is this behavior
a bug?
$ cat bug1.bash
#!/bin/bash
count_lines()
{
wc -l $1
wc -l $1
wc -l $1
true | wc -l $1
wc -l $1
}
count_lines <(date)
$
Irek,
Great feedback. Comments inline.
On Wed, Nov 13, 2013 at 6:39 AM, Irek Szczesniak wrote:
> ':' in *any* Unix paths is not wise because its already used by $PATH.
> Likewise ';' is already occupied by version file systems.
>
I had considered that issue when I was trying to come up with a
Hi Piotr,
Thanks for the feedback. I don't believe this functionality changes the
attack surface. Most systems with bash also have nc/netcat or an equivalent
program which can do the same thing. Even the nc version in busybox has
listen capability. In fact, if you can create a file with arbitrary
On Wed, Nov 13, 2013 at 7:35 AM, Piotr Grzybowski wrote:
> Hi Everyone, hi Joel,
>
> the idea is nice, and I can really see that it is useful, but I would
> be extremely careful with introducing those kind of changes, it can be
> easily interpreted as "backdoor feature", that is: from security po
