Date: Mon, 22 Oct 2007 14:25:42 -0700 From: Gary Kline <kline@tao.thought.org> To: freebsd-questions@freebsd.org, laszlo.danielisz@gmail.com Subject: Re: defend from -> :() { :&:; } ;: Message-ID: <20071022212542.GA7058@thought.org> In-Reply-To: <20071022164418.GA864@glitch.rwxrwxrwx.net> References: <123275.56819.qm@web30812.mail.mud.yahoo.com> <20071022164418.GA864@glitch.rwxrwxrwx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 22, 2007 at 06:44:18PM +0200, Martin Tournoij wrote: > On Sun 21 Oct 2007 12:10, Danielisz Laszlo wrote: > > Please do not try to execute this: :() { :&:; } ;: on your BSD machine. > > I ask all who already tried it how to defend from this? > > Wow,, my machine just crashed :-/ > Does in this work on other OS's as well (ie. GNU/Linux)? Or just > (Free?)BSD? I really don't feel like crashing another machine right > now... > > Only works in sh, not in csh. > > Anyway, this seems to be security/stability issue, maybe a PR is in > order? > > Regards, > Martin Tournoij If this *is* only a /bin/sh bug, then it maybe time to issue a PR. Remember that *our* "Bourne" shell is really "a shell" or ash. I remember hacking on this and playing with it back in tha late 80's. It might be time to use zsh as the FBSD /bin/sh gary -- Gary Kline kline@thought.org www.thought.org Public Service Unix http://jottings.thought.org http://transfinite.thought.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071022212542.GA7058>