Hacker News new | past | comments | ask | show | jobs | submit login

Had anyone suggested and/or implemented something like building a tiny wrapper for bash that would clean environment and then execve("/bin/bash.vulnerable", argv, cleaned_envp)?

In the red hat links (already in the comments here) there is an LD_PRELOAD file which cleans the environment for _all_ your processes.

    $ /usr/bin/env - /usr/local/bin/bash -c set sh

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact