1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Linux bash vulnerability

Collapse
X
21 to 30 of 143 Previous 1 2 3 4 5 6 13 15 template Next
Collapse
Reply to Thread
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
21 to 30 of 143 Previous 1 2 3 4 5 6 13 15 template Next
    #21
    Originally posted by stek View Post
    All bash is, even on SPARC Solaris.
    Ubuntu users dash as its shell.

    Comment

      #22
      Originally posted by stek View Post
      All bash is, even on SPARC Solaris.
      Yep. Apart from Ubuntu and Debian flavours. Please don't make me say it again.
      Knock first as I might be balancing my chakras.

      Comment

        #23
        CGI scripts? How very 1990's. How many servers are you running that might be affected Suity? None? At ease then, soldier.

        Comment

          #24
          Originally posted by administrator View Post
          CGI scripts? How very 1990's. How many servers are you running that might be affected Suity? None? At ease then, soldier.
          Quoted for posterity.
          Knock first as I might be balancing my chakras.

          Comment

            #25
            Originally posted by suityou01 View Post
            Yep. Apart from Ubuntu and Debian flavours. Please don't make me say it again.
            Yes but bash is installable on said Unix-like operating systems and probably is installed under the mass of crap that gets shovelled in with a 'default' install on these OS's but isn't the default shell, and might never be invoked by a user but it's still there.

            It's not like Ubuntu just gets dash (thanks Unix) or IRIX just gets zsh, is it?

            I spent all today trawling through various Unixes and Unix-like OS's and you can't assume that because AIX doesn't come with bash it's not been added or because we all prefer ksh on Solaris and HP-UX bash isn't there either.

            Comment

              #26
              Originally posted by Unix View Post
              It's been out there for 20 years yet no-one has exploited it yet, funny that. It's storm in a teacup.
              It probably has been exploited, but those who've been doing it have kept quiet.

              Comment

                #27
                From what I can see it reads a bit like the heartbleed thing from earlier in the year. That was a storm in a tea-cup. Checking and patching machines keeps a lot of bods in works. Worryworts such as yourself help to maintain management's need for this. Keep up the good work, your contribution to the cause is greatly appreciated.

                Comment

                  #28
                  Originally posted by administrator View Post
                  From what I can see it reads a bit like the heartbleed thing from earlier in the year. That was a storm in a tea-cup. Checking and patching machines keeps a lot of bods in works. Worryworts such as yourself help to maintain management's need for this. Keep up the good work, your contribution to the cause is greatly appreciated.
                  Too right, we're in Change Control/Downtime hell now, be weeks before anything's done lol!

                  Comment

                    #29
                    Originally posted by administrator View Post
                    From what I can see it reads a bit like the heartbleed thing from earlier in the year. That was a storm in a tea-cup. Checking and patching machines keeps a lot of bods in works. Worryworts such as yourself help to maintain management's need for this. Keep up the good work, your contribution to the cause is greatly appreciated.
                    Maybe so. I hope you're right but I think you're assuming a cgi exploit is the only possible attack vector.

                    I agree with the analysts, we ain't seen nothing yet.
                    Knock first as I might be balancing my chakras.

                    Comment

                      #30
                      Originally posted by stek View Post
                      Yes but bash is installable on said Unix-like operating systems and probably is installed under the mass of crap that gets shovelled in with a 'default' install on these OS's but isn't the default shell, and might never be invoked by a user but it's still there.

                      It's not like Ubuntu just gets dash (thanks Unix) or IRIX just gets zsh, is it?

                      I spent all today trawling through various Unixes and Unix-like OS's and you can't assume that because AIX doesn't come with bash it's not been added or because we all prefer ksh on Solaris and HP-UX bash isn't there either.
                      Aye, as I understand it on Ubuntu dash is the default but bash is still there. But best ask Suity, he is the expert on these things

                      Comment

                      Reply to Thread
                      21 to 30 of 143 Previous 1 2 3 4 5 6 13 15 template Next

                      Advertisers

                      1. Contracting
                        1. General
                          1. Brexit
                        2. Business / Contracts
                          1. Coronavirus Assistance
                        3. Accounting / Legal
                          1. Umbrella Companies
                          2. HMRC Scheme Enquiries
                          3. The Future of Contracting
                          4. IR35 Reform
                        4. Technical
                        5. Welcome / FAQs
                      2. Social
                        1. Light Relief
                        2. Social / Events
                      Working...
                      X