Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: zsh 5.0.7 released

X-seq: zsh-workers 33440
From: shawn wilson <ag4ve.us@xxxxxxxxx>
To: Bart Schaefer <schaefer@xxxxxxxxxxxxxxxx>
Subject: Re: zsh 5.0.7 released
Date: Sat, 11 Oct 2014 18:53:33 -0400
Cc: "Zsh Hackers' List" <zsh-workers@xxxxxxx>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=VyAj8MalmptaHDkN9lwYl+2JfeUOKN0UT+FPDQWBrZ8=; b=iOXrXIvb/ZrkVYQU3dKM2eRTnyNE9VxzImE7/YwERQB5KasDrx35wRUn8kWFmv53nv Ey5L6G4qOIo/NUWMSB1HGuzi0AW/XlK7O0gQPJrjdCM2twpEthrelho/0a62GlzWLyqi 8lDNQW1445faT6cwe4AX5ahPKGysKmHj+MtSmEuLGmUMBV5LaCOoraIMU1H0AFbTjIqP 4emMHVUljyYrmJmkFCMXx+lcJ61lggZDnyv9+c73hdEj+qGHotA0Ydr0CkZWB1qUZpOs wFg4HazanwMdjMil/lRJZplcVlHbJgCs+6ahnDyycIRKyXoTU+304Si6uOHMX2P7+ocq qUew==
In-reply-to: <141009185417.ZM29893@torch.brasslantern.com>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
References: <20141008193835.5d66c0ad@pws-pc.ntlworld.com> <CAH_OBieFY24--_Ka637pM0g-iKEKLrnz4zXLcWKj9_mx+DKn=w@mail.gmail.com> <20141009214806.201e9c0d@pws-pc.ntlworld.com> <CAH_OBicE38Mj6FW=1bbXMH7YZWNb0FRsPUM9wEPtKQe+3Z-V3A@mail.gmail.com> <141009185417.ZM29893@torch.brasslantern.com>

Ty
On Oct 9, 2014 9:53 PM, "Bart Schaefer" <schaefer@xxxxxxxxxxxxxxxx> wrote:

> On Oct 9,  6:41pm, shawn wilson wrote:
> }
> } > > > privilege escalation, under some specific and atypical conditions
> } > > > where zsh is being invoked in privilege elevation contexts when the
> } > > > environment has not been properly sanitized, such as when zsh is
> } > > > invoked by sudo on systems where "env_reset" has been disabled.
> } > >
> } > > Was this security issue in SSH discussed on the list somewhere (I
> can't
> }
> } s/SSH/bash/
>
> Did you mean zsh instead of bash?
>
> } > > seem to find other mention of it outside the readme - not even direct
> } > > mention in changelog or git log)...?
> }
> } And I was referring to the zsh readme, changelog, git log.
>
> The paragraph about "privilege escalation" quoted above appears at the
> top of the README file.
>
> Change log entry is this:
>
> 2014-09-29  Peter Stephenson  <p.stephenson@xxxxxxxxxxx>
>
>         * users/19183: Src/hist.c: handle unlikely error case with
>         fdopen() better.
>
>         * 33276: Src/params.c, Src/zsh.h: safer import of numerical
>         variables from environment.
>
> The git log is very brief and is the same as the 33276 ChangeLog.
>
>
> } > I don't know of an ssh issue,  but the sudo issue was discussed
> offline.
> } >
> } > The original point about sanitising integer imports, however, was
> } discussed
> } > here.
> }
> } Huh, I'll look again.
>
> The first mention of the integer import problem on the list is here:
>
>     http://www.zsh.org/mla/workers/2014/msg01041.html
>
> --
> Barton E. Schaefer
>

References:
- Re: zsh 5.0.7 released
  - From: Peter Stephenson
- Re: zsh 5.0.7 released
  - From: shawn wilson
- Re: zsh 5.0.7 released
  - From: Bart Schaefer

Messages sorted by: Reverse Date, Date, Thread, Author