bashing your head against nation-state social engineering
Troy Benjegerdes
hozer at hozed.org
Sun Sep 28 08:49:21 PDT 2014
On Sun, Sep 28, 2014 at 02:24:28PM +0200, rysiek wrote:
> Dnia sobota, 27 wrzeĊnia 2014 20:57:13 Troy Benjegerdes pisze:
> > So every once in awhile I have fits of plausible paranoia, which lead me to
> > second guess the motives of everyone arguing why it's 'so hard' to simplify
> > things by doing something like removing bash from debian.
>
> And that will solve the problem -- how? I am not convinced other shells would
> be considerably better/safer (I may be wrong here, of course); the problem was
> (as Travis pointed out) the mind-boggling clusterfsck of cgi-bin. If I were to
> look for a radical move here, it would be abandoning cgi-bin as a matter of
> policy.
Well, something like "() { true;}; rm -rf /var/lib/cgi-gin" solves that
problem quite nicely.
What gets the paranoia going is #!/bin/bash in dhclient-script
I'm at least somewhat encouraged by things like systemd and network-manager
that appear to be moving away from shell scripts for running the basic system.
--
----------------------------------------------------------------------------
Troy Benjegerdes 'da hozer' hozer at hozed.org
7 elements earth::water::air::fire::mind::spirit::soul grid.coop
Never pick a fight with someone who buys ink by the barrel,
nor try buy a hacker who makes money by the megahash
More information about the cypherpunks
mailing list