* [9front] executable files in '#e'
@ 2022-08-10 19:11 mkf9
0 siblings, 0 replies; only message in thread
From: mkf9 @ 2022-08-10 19:11 UTC (permalink / raw)
To: 9front
few days ago i noticed this behaviour on /env,
cpu% hold /env/test
cat: can't open /env/test: '/env/test' file does not exist
#!/bin/rc
echo hello world
cpu% ls -l /env/test
--rw-rw-rw- e 0 mkf mkf 27 Jul 18 2021 /env/test
cpu% /env/test
hello world
cpu%
it executes empty c programs as well, but i couldn't fit programs that
do something visable inside /env.
is it a security bug?
if yes, a possible attack could be creation of new variable and
executing it where we don't have file creation access.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-08-10 19:13 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-10 19:11 [9front] executable files in '#e' mkf9
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).