INTERACT FORUM

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1]   Go Down

Author Topic: OSX Security Problem with the Bash shell  (Read 1688 times)

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 72536
  • Where did I put my teeth?
Logged

glynor

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 19608
Re: OSX Security Problem with the Bash shell
« Reply #1 on: September 25, 2014, 12:30:33 pm »

Yeah. That's a bad one. And it has been in there forever.
Logged
"Some cultures are defined by their relationship to cheese."

Visit me on the Interweb Thingie: http://glynor.com/

glynor

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 19608
Re: OSX Security Problem with the Bash shell
« Reply #2 on: September 26, 2014, 12:37:35 pm »

Further info on this:

If you are a normal desktop OSX user, you are almost certainly unaffected by this problem (for remote exploits anyway, which is the bad issue).  Tests have now been done and, unlike Linux, OSX's DHCP client is not vulnerable.

To be impacted, you'd have had to have enabled Apache and vanilla CGI (not a default configuration even if you enable the web server), or have SSH enabled with something like ForceCommand enabled (restricted shell access for certain users).

There may be some other advanced configurations that could be impacted, but not by default, and basically nothing you can "turn on" through the GUI.
Logged
"Some cultures are defined by their relationship to cheese."

Visit me on the Interweb Thingie: http://glynor.com/
Pages: [1]   Go Up