Package: bash
Version: 4.3-12
Severity: important
Tags: security
Hi.

I've raised the severity a bit, since this may have security implications.

When bash is started as a login or non-login shell from an environment that doesn't have a reasonable PATH already set, and when either --noprofile or --norc, respectively, is used (or some other forms like being run as "sh" or in posix mode, I guess), or when the profile/bashrc files don't set a PATH (which they in principle shouldn't need to), then bash apparently sets some hardcoded default for root and non-root users. In both cases this contains "." as a PATH directory, which is generally undesired and typically not recommended to be set per default for security reasons.

E.g.:

$ id -u
1000
$ unset PATH
$ /bin/bash --norc
$ echo $PATH
/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:.

or:

$ unset PATH
$ /bin/bash --noprofile --login
$ echo $PATH
/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:.

and so on.

It seems that this is a Debian speciality; at least on e.g. CentOS a sane path is then set.

Cheers,
Chris.

_______________________________________________
Secure-testing-team mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
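The following is an added example and is not part of Chris's report or of the bash package: a POSIX sh script that reproduces the check above non-interactively (env -i stands in for "unset PATH", and any bash flags such as --norc or --login --noprofile are passed through) and flags a fallback PATH that contains the current directory. It goes beyond the report in one respect: besides a literal ".", it also treats an empty PATH component (a leading or trailing ":" or a "::") as a hit, since the shell searches the current directory for those too. The function names path_has_cwd, bash_default_path and audit_default_path are this example's own, and it assumes a bash binary is reachable via command -v.

```sh
#!/bin/sh
# Added example (not from the original bug report): audit the PATH that a
# bash binary falls back to when started with PATH unset, and flag any
# component that resolves to the current directory.

# Return 0 if the colon-separated PATH in $1 contains a current-directory
# entry: a literal "." or an empty component (leading/trailing ":" or "::"),
# which the shell also treats as the current directory. Return 1 otherwise.
path_has_cwd() {
    rest="$1:"                  # trailing ":" so the last component is seen
    while [ -n "$rest" ]; do
        comp=${rest%%:*}        # everything up to the first ":"
        rest=${rest#*:}         # drop that component and its ":"
        case "$comp" in
            ""|.) return 0 ;;
        esac
    done
    return 1
}

# Print the PATH that the bash binary in $1 uses when started with an empty
# environment (env -i mirrors the report's "unset PATH"). Any further
# arguments, e.g. --norc or --login --noprofile, are passed to bash; the
# one-liner is what the report ran by hand.
bash_default_path() {
    bin=$1
    shift
    env -i "$bin" "$@" -c 'echo "$PATH"'
}

# Locate bash, fetch its fallback PATH for the given flags, and report.
# Returns 1 when the fallback contains the current directory, 0 otherwise
# (also 0 when there is no bash to audit).
audit_default_path() {
    bin=$(command -v bash) || { echo "bash not found; nothing to audit"; return 0; }
    p=$(bash_default_path "$bin" "$@")
    if path_has_cwd "$p"; then
        echo "WARNING: $bin $* falls back to PATH=$p (contains the current directory)"
        return 1
    fi
    echo "OK: $bin $* falls back to PATH=$p"
    return 0
}

# The two cases from the report; "|| true" keeps the script going after a hit.
audit_default_path --norc || true
audit_default_path --login --noprofile || true
```

Running the script on an affected system prints a WARNING line for each case; on a system whose compiled-in default omits "." it prints OK lines. The component walk uses only parameter expansion rather than IFS splitting, so it does not disturb the caller's IFS and handles empty components the same way in every POSIX shell.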

