On Sunday 24 September 2006 09:25, Kevin Day wrote: > I've been thinking about the well known recursive security issues with > a program calling itself over and over again. In this case, with bash. > > Something like: > > $ #!/bin/bash > $ $0 & > $ $0 & > $ exec $0 # just for kicks > > [snip] > > I've been wondering if I should make a patch for patch that extends > some sort of memory (double-pointed list?) so that when bash executes > commands from child scripts, it will not allow the parent script to be > called.
If the problem you're trying to solve is really bad security of a recursive behaviour then I don't recommend you to make the patch since this behaviour is the "standard". In other words, the patch may break the _correct_ scripts written using this manner. > some people, perhaps isolated embeded systems, may actually need > recursion in this manner > I can see a fix for this by doing #ifdefs and a compile time > --enable-recursive-calls Making such a patch is similar to a patch that would allow/disallow installing the "rm" program when installing coreutils just because the command can be used for removing important files on a system. -- Nothing but perfection pv -- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
