in reply to Re^8: Taint and Shellshock
in thread Taint and Shellshock

Much easier to fix the problem one level deeper. Just replace /bin/bash with this Perl script:

#!/usr/bin/perl -wT
use strict;

# Clean up environment 
s/^\(\) {.*// for values %ENV;

# Now, exec bash with our name and our arguments
exec { $0 } '/bin/bash.original', @ARGV;

[download]

If you're looking at validating all environment variables, you'd need to know which environment variables are supposed to hold what kind of values. And for example LD_PRELOAD or LD_LIBRARY_PATH should be passed through verbatim (because if an attacker already has access to these, you can't even trust yourself).

Replies are listed 'Best First'.
Re^10: Taint and Shellshock
by kennethk (Abbot) on Sep 29, 2014 at 20:28 UTC
    LD_PRELOAD and LD_LIBRARY_PATH. Thank you; I knew I was forgetting something.

    #11929 First ask yourself `How would I do this without a computer?' Then have the computer do it the same way.

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom