$ bash --version GNU bash, version 4.2.48(1)-release (x86_64-pc-linux-gnu) Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software; you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test" bash: warning: x: ignoring function definition attempt bash: error importing function definition
$ bash --version GNU bash, version 4.1.10(4)-release (i686-pc-cygwin) Copyright (C) 2009 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later
This is free software; you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test" vulnerable this is a test
脆弱性入りだと具体的にどうなるの (スコア:0)
Linuxのだと
Re:脆弱性入りだと具体的にどうなるの (スコア:2)
うちのCygwin だと、こんな感じでふ。
$ bash --version
GNU bash, version 4.1.10(4)-release (i686-pc-cygwin)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
svn-init() {
svnadmin create .svnrepo
svn checkout file://$PWD/.svnrepo .
}