Zsh Mailing List Archive
Messages sorted by: Reverse Date, Date, Thread, Author

Re: Zsh - Multiple DoS Vulnerabilities



[sorry for double send]

Stephane Chazelas wrote on Tue, 14 May 2019 18:11 +00:00:
> IMO, from a security standpoint, it's not very useful to fuzz
> "code" input provided to zsh, as anyway any "code" allows zsh to
> run any arbitrary command (except for the restricted mode). In
> other words, the "code" is generally not the attacker supplied
> data.

Sounds right.

I've been trying to come up with counterexamples.  What if somebody
installed a /etc/zshenv that does, say, 'disable zmodload enable'?
If that actually prevents zmodload from being run,¹ then a bug that
allows zmodload to be run would be interesting.

Cheers,

Daniel

¹ I'm not sure it does because there might be some other way to run
zmodload — an assignment to $modules, maybe?  (Don't have time to test
this, sorry.)



Messages sorted by: Reverse Date, Date, Thread, Author