defend from -> :() { :&:; } ;:
Benjamin M. A'Lee
bma+lists at subvert.org.uk
Mon Oct 22 19:08:07 PDT 2007
On Mon, Oct 22, 2007 at 02:25:42PM -0700, Gary Kline wrote:
> On Mon, Oct 22, 2007 at 06:44:18PM +0200, Martin Tournoij wrote:
> > On Sun 21 Oct 2007 12:10, Danielisz Laszlo wrote:
> > > Please do not try to execute this: :() { :&:; } ;: on your BSD machine.
> > > I ask all who already tried it how to defend from this?
> >
> > Wow,, my machine just crashed :-/
> > Does in this work on other OS's as well (ie. GNU/Linux)? Or just
> > (Free?)BSD? I really don't feel like crashing another machine right
> > now...
> >
> > Only works in sh, not in csh.
> >
> > Anyway, this seems to be security/stability issue, maybe a PR is in
> > order?
> >
> > Regards,
> > Martin Tournoij
>
>
> If this *is* only a /bin/sh bug, then it maybe time to issue a
> PR. Remember that *our* "Bourne" shell is really "a shell" or
> ash. I remember hacking on this and playing with it back in tha
> late 80's.
>
> It might be time to use zsh as the FBSD /bin/sh
Why bother? It's not a bug, exactly, so much as a nasty trick of
the sh syntax. It works just as well in zsh.
--
Benjamin A'Lee <bma at subvert.org.uk>
http://subvert.org.uk/~bma/
"He who breaks a thing to find out how it works has left the path of
wisdom." - J.R.R. Tolkien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20071023/471bd835/attachment.pgp
More information about the freebsd-questions
mailing list