From owner-freebsd-questions@FreeBSD.ORG Tue Oct 23 02:08:07 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 228CF16A418 for ; Tue, 23 Oct 2007 02:08:07 +0000 (UTC) (envelope-from bma@gilmour.subvert.org.uk) Received: from jagger.subvert.org.uk (jagger.subvert.org.uk [80.68.88.238]) by mx1.freebsd.org (Postfix) with ESMTP id 9B1D413C49D for ; Tue, 23 Oct 2007 02:08:06 +0000 (UTC) (envelope-from bma@gilmour.subvert.org.uk) Received: from localhost (jagger.subvert.org.uk [127.0.0.1]) by jagger.subvert.org.uk (Postfix) with ESMTP id 1E34D3830F for ; Tue, 23 Oct 2007 03:04:55 +0100 (BST) Received: from jagger.subvert.org.uk ([127.0.0.1]) by localhost (jagger.subvert.org.uk [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3nBHEWE3YkgN for ; Tue, 23 Oct 2007 03:04:44 +0100 (BST) Received: from gilmour.subvert.org.uk (user-514d9173.l3.c2.dsl.pol.co.uk [81.77.145.115]) (Authenticated sender: bma) by jagger.subvert.org.uk (Postfix) with ESMTP id 157B03831C for ; Tue, 23 Oct 2007 03:04:42 +0100 (BST) Received: by gilmour.subvert.org.uk (Postfix, from userid 1000) id 5CCF2B899; Tue, 23 Oct 2007 03:04:38 +0100 (BST) Date: Tue, 23 Oct 2007 03:04:37 +0100 From: "Benjamin M. A'Lee" To: freebsd-questions@freebsd.org Message-ID: <20071023020437.GB9711@gilmour.subvert.org.uk> References: <123275.56819.qm@web30812.mail.mud.yahoo.com> <20071022164418.GA864@glitch.rwxrwxrwx.net> <20071022212542.GA7058@thought.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="xXmbgvnjoT4axfJE" Content-Disposition: inline In-Reply-To: <20071022212542.GA7058@thought.org> User-Agent: Mutt/1.5.16 (2007-06-09) Subject: Re: defend from -> :() { :&:; } ;: X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Oct 2007 02:08:07 -0000 --xXmbgvnjoT4axfJE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 22, 2007 at 02:25:42PM -0700, Gary Kline wrote: > On Mon, Oct 22, 2007 at 06:44:18PM +0200, Martin Tournoij wrote: > > On Sun 21 Oct 2007 12:10, Danielisz Laszlo wrote: > > > Please do not try to execute this: :() { :&:; } ;: on your BSD machin= e. > > > I ask all who already tried it how to defend from this? > >=20 > > Wow,, my machine just crashed :-/ > > Does in this work on other OS's as well (ie. GNU/Linux)? Or just > > (Free?)BSD? I really don't feel like crashing another machine right > > now... > >=20 > > Only works in sh, not in csh. > >=20 > > Anyway, this seems to be security/stability issue, maybe a PR is in > > order? > >=20 > > Regards, > > Martin Tournoij >=20 >=20 > If this *is* only a /bin/sh bug, then it maybe time to issue a=20 > PR. Remember that *our* "Bourne" shell is really "a shell" or=20 > ash. I remember hacking on this and playing with it back in tha > late 80's. >=20 > It might be time to use zsh as the FBSD /bin/sh =20 Why bother? It's not a bug, exactly, so much as a nasty trick of the sh syntax. It works just as well in zsh. --=20 Benjamin A'Lee http://subvert.org.uk/~bma/ "He who breaks a thing to find out how it works has left the path of wisdom." - J.R.R. Tolkien --xXmbgvnjoT4axfJE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFHHVa0EUZDNrttL6ARAn3HAKCKiirqeKgZorFA2IanRWbvhcpMigCfT4/R M5n6F+EWCybu3wjWogY/AE8= =/wEO -----END PGP SIGNATURE----- --xXmbgvnjoT4axfJE--