Date: Tue, 30 Sep 2014 07:11:09 +0400 From: gremlin@...mlin.ru To: oss-security@...ts.openwall.com Subject: Re: Healing the bash fork On 29-Sep-2014 22:34:20 -0400, Chet Ramey wrote: >> What is the motivation to not store executable code (functions) >> differently from standard variables? > What would you use for such a store, considering the environment > is the only portable way to pass this information from one process > to another in the general case, and support the current set of > use cases? C.O. to the rescue: temporary file. If one shell instance needs to pass some functions to another, it could dump those functions to a temporary file and pass the --load (or, better, --load-functions) options with a filename parameter. The functions file name may also be passed through environment, but that could open another set of security holes (like reading files). -- Alexey V. Vissarionov aka Gremlin from Kremlin <gremlin ðòé gremlin ôþë ru> GPG: 8832FE9FA791F7968AC96E4E909DAC45EF3B1FA8 @ hkp://keys.gnupg.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ