Show
Ignore:
Timestamp:
30.09.2014 14:49:43 (5 years ago)
Author:
sjm84
Message:

Removing execute permissions on all scripts that don't have cgi or pl file extensions. This is to circumvent the current vulnerability that exists with executable bash scripts

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/release-kits/kits/rk2/installer/build.xml

    r27026 r29340  
    115115        <chmod dir="${installDir}" includes="*.sh,*.bash" perm="775"/> 
    116116        <chmod dir="${installDir}/bin" includes="*" perm="775"/> 
    117         <chmod dir="${installDir}/cgi-bin/${shell.name}" includes="*" perm="775"/> 
     117        <!-- to circumvent the Shellshock Bash bug vulnerability,  
     118        do not give execute permissions to bash files (*.*sh, or no file extension) 
     119        At present, the "getior" file is the only  bash script here.  
     120        The other executables here have *.cgi, *.pl extensions.--> 
     121        <chmod dir="${installDir}/cgi-bin/${shell.name}" includes="*.cgi,*.pl" perm="775"/> 
    118122        <chmod dir="${installDir}/bin/script" includes="**/*" perm="775"/> 
    119123        <chmod dir="${installDir}/gli" includes="*.sh" perm="775"/>