From owner-freebsd-questions@FreeBSD.ORG Mon Oct 22 21:25:46 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3FEA816A41B for ; Mon, 22 Oct 2007 21:25:46 +0000 (UTC) (envelope-from kline@tao.thought.org) Received: from tao.thought.org (dsl231-043-140.sea1.dsl.speakeasy.net [216.231.43.140]) by mx1.freebsd.org (Postfix) with ESMTP id CBA9413C481 for ; Mon, 22 Oct 2007 21:25:45 +0000 (UTC) (envelope-from kline@tao.thought.org) Received: from tao.thought.org (localhost [127.0.0.1]) by tao.thought.org (8.13.8/8.13.1) with ESMTP id l9MLPhKp007169; Mon, 22 Oct 2007 14:25:43 -0700 (PDT) (envelope-from kline@tao.thought.org) Received: (from kline@localhost) by tao.thought.org (8.13.8/8.13.1/Submit) id l9MLPhw4007168; Mon, 22 Oct 2007 14:25:43 -0700 (PDT) (envelope-from kline) Date: Mon, 22 Oct 2007 14:25:42 -0700 From: Gary Kline To: freebsd-questions@freebsd.org, laszlo.danielisz@gmail.com Message-ID: <20071022212542.GA7058@thought.org> References: <123275.56819.qm@web30812.mail.mud.yahoo.com> <20071022164418.GA864@glitch.rwxrwxrwx.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20071022164418.GA864@glitch.rwxrwxrwx.net> User-Agent: Mutt/1.4.2.2i X-Organization: Thought Unlimited. Public service Unix since 1986. X-Of_Interest: With 21 of service to the Unix community. Cc: Subject: Re: defend from -> :() { :&:; } ;: X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Oct 2007 21:25:46 -0000 On Mon, Oct 22, 2007 at 06:44:18PM +0200, Martin Tournoij wrote: > On Sun 21 Oct 2007 12:10, Danielisz Laszlo wrote: > > Please do not try to execute this: :() { :&:; } ;: on your BSD machine. > > I ask all who already tried it how to defend from this? > > Wow,, my machine just crashed :-/ > Does in this work on other OS's as well (ie. GNU/Linux)? Or just > (Free?)BSD? I really don't feel like crashing another machine right > now... > > Only works in sh, not in csh. > > Anyway, this seems to be security/stability issue, maybe a PR is in > order? > > Regards, > Martin Tournoij If this *is* only a /bin/sh bug, then it maybe time to issue a PR. Remember that *our* "Bourne" shell is really "a shell" or ash. I remember hacking on this and playing with it back in tha late 80's. It might be time to use zsh as the FBSD /bin/sh gary -- Gary Kline kline@thought.org www.thought.org Public Service Unix http://jottings.thought.org http://transfinite.thought.org