On 12/14/15 6:30 PM, up201407...@alunos.dcc.fc.up.pt wrote: > Quoting "Stephane Chazelas" <stephane.chaze...@gmail.com>: > > I understand what you're saying. > As much as we would like, there's no way of stopping all attack vectors by > only hardening bash, not only that, but also taking away its useful features. > Though I still believe PS4 shouldn't be imported from the environment.
Maybe if running with uid 0. >> Should we also block SHELLOPTS=history >> HISTFILE=/some/file like /proc/$pid/fd/$fd and >> TZ=/proc/$pid/fd/$fd (like for your /bin/date command) as that >> allows DoS on other processes (like where those fds are for >> pipes). > > Mind explaining this one? > I can't seem to write to HISTFILE in a non-interactive shell, or am i > missing something? You just need to enable history (set -o history). History is independent of whether or not the shell is interactive; it's just enabled by default in interactive shells. -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa, vita brevis'' - Hippocrates Chet Ramey, ITS, CWRU c...@case.edu http://cnswww.cns.cwru.edu/~chet/