Re: [bug-patch] ed scripts allow arbitrary code execution
From: Andreas Grünbacher
Subject: Re: [bug-patch] ed scripts allow arbitrary code execution
Date: Fri, 6 Apr 2018 18:02:46 +0200
2018-04-06 14:32 GMT+02:00 <address@hidden>:
> Hello.
>
> I see that my patch [1] was overlooked and then [2] was written the next
> day.
Removing the feature would create backwards compatibility problems
that I would be bugged about for years to come, and I'd rather like to
avoid that.
> It introduces at least 2 new code execution vulnerabilities relating to
> filenames containing $(..).
Those vulnerabilities must already be there because popen also invokes
the shell.
> I would recommend you avoid executing /bin/sh.
Yes, that makes sense.
Thanks,
Andreas
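The point made above (popen() already routes the command line through the shell, so a file name containing `$(..)` is interpreted rather than passed verbatim, and the fix is to not execute /bin/sh at all) can be seen directly. The following is an added example written for this page; it is not GNU patch's code and not code from either correspondent. It hands the same constructed file name to a helper two ways: once through system(), which like popen() uses `/bin/sh -c`, and once through fork()/execvp() with an argument vector. test(1) is used as the helper so the difference shows up in the exit status; the example assumes `test` is available on PATH.

```c
/* Added example, not code from GNU patch: the same tainted file name handed
 * to a helper program two ways. Through popen()/system() the name goes via
 * /bin/sh, which performs command substitution on it; through execvp() with
 * an argument vector it arrives as literal bytes. test(1) serves as the
 * helper so the outcome is visible in the exit status. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* Convert a wait status to an exit code, or -1 if the child did not exit
 * normally. */
static int exit_code(int status)
{
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Run a program directly by argument vector: no shell, no interpolation.
 * Returns the child's exit code, 127 if the program could not be executed,
 * or -1 on fork()/waitpid() failure. */
int run_argv(char *const argv[])
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127); /* only reached if execvp() failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return exit_code(status);
}

/* The popen()/system() pattern: a command line built by string
 * interpolation and handed to /bin/sh -c. Returns the exit code. */
int run_via_shell(const char *cmdline)
{
    int status = system(cmdline);
    return status == -1 ? -1 : exit_code(status);
}

/* Ask test(1) whether the file name it received equals the literal "x".
 * Via the shell: exit 0, because the shell expanded the name to "x".
 * Via execvp(): exit 1, because the name is compared byte for byte. */
int name_equals_x_via_shell(const char *name)
{
    char cmd[256];
    /* String interpolation of an untrusted name into a command line, the
     * pattern a popen() call relies on (hypothetical, for illustration). */
    snprintf(cmd, sizeof cmd, "test %s = x", name);
    return run_via_shell(cmd);
}

int name_equals_x_via_argv(const char *name)
{
    /* The name is one argv element; nothing re-parses it. */
    char *argv[] = {"test", (char *)name, "=", "x", NULL};
    return run_argv(argv);
}

int main(void)
{
    /* Constructed file name containing a harmless command substitution. */
    const char *tainted = "$(echo x)";
    printf("via shell : exit %d (the shell ran the substitution)\n",
           name_equals_x_via_shell(tainted));
    printf("via execvp: exit %d (the name arrived literally)\n",
           name_equals_x_via_argv(tainted));
    return 0;
}
```

The shell path exits 0 only because `$(echo x)` was executed and replaced by `x` before test(1) ever saw it; the execvp() path exits 1 because the helper received the nine literal characters and compared them to `x`. Any program that must pass user-controlled names to an external helper gets the same guarantee by building an argument vector and calling one of the exec family (or posix_spawn()) rather than assembling a command line for popen() or system().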