Originally posted by Stevie Wonder Boy
View Post
- Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
- Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Linux bash vulnerability
Collapse
X
Collapse
-
-
-
Only affects people who can't use vi on the command line!
We've removed it from proper Unixes where some bell end has installed it, only pretend unix fanbois seem to depend on it so we've had to pander to them for this 20 year old exploit...Comment
-
I'm getting that Stek is old, and set in his ways.Knock first as I might be balancing my chakras.Comment
-
uh no .. hell no bash is the default shell. So everytime apache spawns a process it starts a bash shell. On an unpatched system you can use header variables to run anything you like on the target box.
Your vi supposition is clearly wrong and shows a pretty simple understanding of current linux os and processes.Comment
-
Originally posted by suityou01 View PostI'm getting that Stek is old, and set in his ways.
Sure it's serious, but is it end of the world stuff? Nope.
Are the vendors unable to cope with it? Nope.
Are fixes being rolled out at a decent pace? Yep.
Are some contractors with the relevant skills making money from what's happened? YupComment
-
The attack vector of choice is NAS boxes bizarrely. But I don't think the full hand has been played yet. Sensibly biding their time rather than peaking too soon.Knock first as I might be balancing my chakras.Comment
-
Originally posted by TykeMerc View PostThat's ok, we got that you're a hysterical, fantasist, brainless ****wit twat years ago, you just reinforce the view on a regular basis.
Sure it's serious, but is it end of the world stuff? Nope.
Are the vendors unable to cope with it? Nope.
Are fixes being rolled out at a decent pace? Yep.
Are some contractors with the relevant skills making money from what's happened? YupKnock first as I might be balancing my chakras.Comment
-
Originally posted by suityou01 View PostThe attack vector of choice is NAS boxes bizarrely. But I don't think the full hand has been played yet. Sensibly biding their time rather than peaking too soon.Comment
-
Originally posted by Stevie Wonder Boy View Postuh no .. hell no bash is the default shell. So everytime apache spawns a process it starts a bash shell. On an unpatched system you can use header variables to run anything you like on the target box.
Your vi supposition is clearly wrong and shows a pretty simple understanding of current linux os and processes.
It might be a shock to you but not everything is Linux, and not every Unix has bash as default, or even on the system. You might need your arrow keys working but most of us don't. Don't be lazy and expose yourself to this sort of thing, bash is not needed, nor is it a prerequisite for anything.Comment
- Home
- News & Features
- First Timers
- IR35 / S660 / BN66
- Employee Benefit Trusts
- Agency Workers Regulations
- MSC Legislation
- Limited Companies
- Dividends
- Umbrella Company
- VAT / Flat Rate VAT
- Job News & Guides
- Money News & Guides
- Guide to Contracts
- Successful Contracting
- Contracting Overseas
- Contractor Calculators
- MVL
- Contractor Expenses
Advertisers
Contractor Services
CUK News
- Streamline Your Retirement with iSIPP: A Solution for Contractor Pensions Sep 1 09:13
- Making the most of pension lump sums: overview for contractors Sep 1 08:36
- Umbrella company tribunal cases are opening up; are your wages subject to unlawful deductions, too? Aug 31 08:38
- Contractors, relabelling 'labour' as 'services' to appear 'fully contracted out' won't dupe IR35 inspectors Aug 31 08:30
- How often does HMRC check tax returns? Aug 30 08:27
- Work-life balance as an IT contractor: 5 top tips from a tech recruiter Aug 30 08:20
- Autumn Statement 2023 tipped to prioritise mental health, in a boost for UK workplaces Aug 29 08:33
- Final reminder for contractors to respond to the umbrella consultation (closing today) Aug 29 08:09
- Top 5 most in demand cyber security contract roles Aug 25 08:38
- Changes to the right to request flexible working are incoming, but how will contractors be affected? Aug 24 08:25
Comment