>This is old news, but it seems to be around still.
>
>Solaris 2.5.1 and 2.6:
>
>$ ln -s /usr/bin/true /tmp/e
>$ PATH=/tmp IFS=x /usr/bin/false
>$ echo $?
>0
>
>This combined with the habit of giving non-login accounts /bin/false
>as a shell feels dangerous.

Whether this is a bug or a (mis)feature is open for some debate; the shell imports all variables, so why not import IFS? $PATH also influences shell scripts.

Solaris 2.x login will filter IFS and other environment variables, but "su" and others don't filter it, so using /bin/false as the only protective measure is not sufficient for denying local attacks.

Solaris 2.next /bin/sh will no longer import IFS from the environment.

Casper
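
As a defender's check for the situation described in this message, the following added example (not part of the original post) tests whether a shell imports IFS from its environment and lists accounts whose login shell is a script instead of a native binary. The function names and sample files are constructed for illustration, and the binary test assumes an ELF platform.

```shell
#!/bin/sh
# Added example; function names and sample files are hypothetical/constructed.

# Return 0 if shell $1 takes IFS from its environment, 1 if it resets IFS.
# With IFS=x imported, "axb" splits into two fields; otherwise it stays one.
sh_imports_ifs() {
    n=$(IFS=x "$1" -c 'v=axb; set -- $v; echo $#' 2>/dev/null)
    [ "$n" = 2 ]
}

# Return 0 if file $1 exists and lacks the ELF magic, i.e. it is handed to an
# interpreter (a shell script) instead of running as a native binary.
is_script() {
    [ -f "$1" ] || return 1
    magic=$(dd if="$1" bs=4 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "$magic" != 7f454c46 ]
}

# Print "user shell" for every account in passwd-format file $1 whose login
# shell is a script, so its behaviour depends on the caller's environment.
audit_passwd() {
    while IFS=: read -r user pw uid gid gecos home shell; do
        case $user in ''|\#*) continue ;; esac
        if is_script "$shell"; then echo "$user $shell"; fi
    done < "$1"
}

# Constructed sample: a script "false", a stub with ELF magic, a passwd file.
demo() {
    d=$(mktemp -d) || return 1
    printf '#!/bin/sh\nexit 1\n' > "$d/false"
    printf '\177ELF' > "$d/nologin"
    printf 'svc:x:100:100::/:%s\ndaemon:x:1:1::/:%s\n' \
        "$d/false" "$d/nologin" > "$d/passwd"
    audit_passwd "$d/passwd"
    rm -rf "$d"
}

if sh_imports_ifs /bin/sh; then
    echo "/bin/sh imports IFS from the environment"
else
    echo "/bin/sh resets IFS at startup"
fi
demo
```

Point `audit_passwd` at the real passwd file to list accounts whose restricted shell is a script; those are the ones to replace with a compiled binary or to reach only through entry points that filter the environment.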