Shellshock

How do you know whether you are involved in newly discovered  bash security hole?

Try this in your shell

env x='() { :;}; echo Dangerous' bash -c "echo This is a test for your bash"

And if you see Dangerous in your shell, you'd better take action as soon as possible. Imagine that if the code is env x='() { :;}; rm -rf /' bash -c "echo Goodbye!" So, you may want to do those following steps

apt-get update
apt-get upgrade

or you can upgrade bash only

apt-get install --only-upgrade bash

After upgrade, if you execute that command, bash will echo you something like this

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'

声明: 本文为0xBBC原创, 转载注明出处喵~

发表评论

电子邮件地址不会被公开。 必填项已用*标注