From: Grant Taylor via TUHS <tuhs@tuhs.org>
To: tuhs@tuhs.org
Subject: [TUHS] Re: shell escapes in utilities
Date: Tue, 1 Aug 2023 10:37:55 -0500 [thread overview]
Message-ID: <f576a495-06a9-2753-7d12-e95cf7ae2a45@tnetconsulting.net> (raw)
In-Reply-To: <CAP6exYJZv=tThsACn3sRvV0HXRYG_GLuUtWkxVk_n5XhuN1UpA@mail.gmail.com>
On 8/1/23 12:47 AM, ron minnich wrote:
> I got to wondering, based on the sendmail discussions, how many shell
> escapes have appeared over the years?
Please clarify what you mean by "shell escape". I think that there are
a LOT of programs that can shell out and run arbitrary commands while in
the program.
Sudo also uses this phrasing for references to things like this.
Then there are abuses of shell escapes used as vulnerability / vectors
to attack things.
Grant. . . .
prev parent reply other threads:[~2023-08-01 15:38 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-01 5:47 [TUHS] " ron minnich
2023-08-01 11:38 ` [TUHS] " Leah Neukirchen
2023-08-01 12:31 ` G. Branden Robinson
2023-08-01 20:33 ` Dave Horsfall
2023-08-01 20:40 ` arnold
2023-08-01 14:29 ` Skip Tavakkolian
2023-08-01 15:30 ` ron minnich
2023-08-01 18:43 ` Ron Natalie
2023-08-01 18:55 ` Niklas Karlsson
2023-08-01 20:48 ` Steffen Nurpmeso
2023-08-01 21:11 ` Ron Natalie
2023-08-01 21:52 ` Steffen Nurpmeso
2023-08-01 21:13 ` Niklas Karlsson
2023-08-01 21:19 ` Dave Horsfall
2023-08-02 3:01 ` Grant Taylor via TUHS
2023-08-02 3:42 ` Niklas Karlsson
2023-08-02 2:59 ` Grant Taylor via TUHS
2023-08-02 10:49 ` Rich Salz
2023-08-02 14:49 ` Grant Taylor via TUHS
2023-08-02 14:20 ` Clem Cole
2023-09-19 16:56 ` Ori Bernstein
2023-09-19 17:04 ` ron minnich
2023-08-01 15:36 ` Phil Budne
2023-08-01 15:37 ` Clem Cole
2023-08-01 15:37 ` Grant Taylor via TUHS [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f576a495-06a9-2753-7d12-e95cf7ae2a45@tnetconsulting.net \
--to=tuhs@tuhs.org \
--cc=gtaylor@tnetconsulting.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).