Re: Bash security issue

From: Linda Walsh
Subject: Re: Bash security issue
Date: Thu, 25 Sep 2014 12:15:27 -0700
User-agent: Thunderbird

Eric Blake wrote:
> And _that's_ what I want changed, by proposing that bash use 'f()=...'
> rather than 'f=() {...' as the magic it uses for exporting functions
> from parent to child.
That could still be put in the environment (though not as easily w/o special code).

Not that it is any more secure, but how about replacing '()' with
'ƒ(8-byte-hex-sig)' that is some crypto-sig of the function? If it matches
the function's sig, then the function would be read in. Of course, like any
crypto function, it's crackable, but to toss in enough bits to really
forestall that would be prohibitive unless done on a whole 'block' of
imported info, i.e.

For more security, one could use cryptographic signing of a sequence of
BASH keys with the public key left in the environment and private key left
in a trusted kernel tpm keyring...(god that sounds painful -- but would likely
be the method to really tie this down if that was really needed). But script
isn't supposed to be the last line of defense against launching the missiles.
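
Added example, not part of the original message and not bash's code: a Python sketch of the tagged-export idea above, in which a value is accepted as a function only if its 'ƒ(sig)' prefix verifies. Assumptions: the sig is an HMAC-SHA256 truncated to 8 bytes (16 hex digits), the key reaches the child by some channel other than the environment, and all function and variable names are hypothetical.

```python
import hashlib
import hmac
import re

TAG_BYTES = 8  # assumption: "8-byte-hex-sig" means 8 bytes, i.e. 16 hex digits

# Hypothetical wire format: NAME=ƒ(<16 hex digits>)<function body>
MARKER = re.compile(r"ƒ\(([0-9a-f]{16})\)(.*)", re.DOTALL)


def tag(key: bytes, name: str, body: str) -> str:
    """Truncated HMAC over name and body, so a body cannot be moved to another name."""
    msg = name.encode() + b"\0" + body.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_BYTES].hex()


def export_function(key: bytes, name: str, body: str) -> str:
    """Parent side: build the environment value for an exported function."""
    return f"ƒ({tag(key, name, body)}){body}"


def import_functions(key: bytes, environ: dict) -> dict:
    """Child side: return only the function bodies whose tag verifies."""
    accepted = {}
    for name, value in environ.items():
        m = MARKER.fullmatch(value)
        if m is None:
            continue  # ordinary variable: data only, never parsed as code
        claimed, body = m.groups()
        if hmac.compare_digest(claimed, tag(key, name, body)):
            accepted[name] = body
    return accepted


def demo_environment(key: bytes) -> dict:
    """Constructed sample environment: one valid export and three rejects."""
    body = " { echo hello; }"
    good = export_function(key, "greet", body)
    return {
        "greet": good,                       # valid tag
        "greet2": export_function(key, "greet2", body) + "; echo injected",
        "other": good,                       # valid tag copied under a new name
        "legacy": "() { echo old-style; }",  # old marker: treated as plain data
        "PATH": "/usr/bin:/bin",
    }


if __name__ == "__main__":
    k = b"k" * 32  # constructed key for the demo
    print(import_functions(k, demo_environment(k)))
```

An 8-byte tag gives 64 bits of forgery resistance per attempt, which is the "crackable" trade-off the message refers to.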
