On 27.09.2014 at 12:01, Roy Marples wrote:
> On Friday 26 Sep 2014 21:14:20 Simon Kelley wrote:
>> This is just a heads-up that if you're using the --dhcp-script option in
>> dnsmasq, and the script you're calling is being interpreted by bash,
>> then you're affected by the shellshock bug.
>>
>> The bug allows execution of arbitrary code contained in the values of
>> environment variables, and there are several variables in the
>> environment inherited by the DHCP script whose values can be set
>> directly by a DHCP client, so any DHCP client on your network (or
>> elsewhere, if your firewall allows) can execute arbitrary shellcode,
>> probably as root, with a simple DHCP request.
>>
>> The fix, of course, is to update bash.
>
> What's your reason for not sanitising the variables?

This isn't dnsmasq's fault - what's bash's reason for parsing or executing environment variables as though they were functions? This is a stupid design decision. Bash has a dozen other ways at hand to propagate information for those cases where the cloned address space from fork() isn't enough. It only needs to pick one and use it.
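
What the sanitising asked about in the quoted question could look like in a C helper that prepares a script's environment, as an added example that is not part of the thread and is not dnsmasq's code. The struct, function names, variable names and sample values are constructed for illustration; the check relies on unpatched bash treating an environment value that begins with `() {` as a function definition.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical record for one client-supplied value headed for the script. */
struct client_field { const char *name; const char *value; };

/* Constructed sample input: two ordinary values and one that carries the
   function-definition prefix. The names are illustrative only. */
static const struct client_field SAMPLE[] = {
    { "EXAMPLE_HOSTNAME",     "laptop-01" },
    { "EXAMPLE_CLIENT_ID",    "() { :; }" },
    { "EXAMPLE_VENDOR_CLASS", "(none)"    },
};

/* Unpatched bash imports a value as a function when it starts with exactly
   these four bytes, so the test is a prefix match and nothing looser. */
static int looks_like_bash_function(const char *value)
{
    return value != NULL && strncmp(value, "() {", 4) == 0;
}

/* Write "NAME=value" entries for the fields that are passed on.
   Values with the function prefix, and values that would be truncated,
   are withheld and counted. Returns the number of entries written. */
static size_t build_script_env(const struct client_field *f, size_t n,
                               char env[][128], size_t cap, size_t *withheld)
{
    size_t out = 0;
    *withheld = 0;
    for (size_t i = 0; i < n && out < cap; i++) {
        if (f[i].value == NULL) continue;
        if (looks_like_bash_function(f[i].value)) { (*withheld)++; continue; }
        int len = snprintf(env[out], 128, "%s=%s", f[i].name, f[i].value);
        if (len < 0 || len >= 128) { (*withheld)++; continue; }
        out++;
    }
    return out;
}

int main(void)
{
    char env[4][128];
    size_t withheld;
    size_t n = build_script_env(SAMPLE, 3, env, 4, &withheld);
    for (size_t i = 0; i < n; i++) puts(env[i]);
    printf("withheld: %zu\n", withheld);
    return 0;
}
```

A filter like this only narrows what reaches the interpreter; the fix stated in the thread is still to update bash.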