X-RDate: Sun, 13 Jan 1980 10:03:17 +0500 (SSK)
Date: Sun, 7 Dec 1997 11:56:41 +0100
From: Casper Dik <[email protected]>
To: [email protected]Subject: Re: Buggy /usr/bin shell scripts
>This is old news, but it seem to be around still.
>
>Solaris 2.5.1 and 2.6:
>
>$ ln -s /usr/bin/true /tmp/e
>$ PATH=/tmp IFS=x /usr/bin/false
>$ echo $?
>0
>
>This combined with the habit of giving non-login accounts /bin/false
>as a shell feels dangerous.
Whether this is a bug or a (mis)feature is open for some debate, the
shell imports all variables so why not import IFS? $PATH also influences
shell scripts.
Solaris 2.x login will filter IFS and other environment variables, but
"su" and other don't filter it, so using /bin/false as only protective
measure is not sufficient for denying local attacks.
Solaris 2.next /bin/sh will no longer import IFS from the environment.
Casper
