Last active
August 29, 2015 14:06
-
-
Save doole/ad251a0ea3b84fd5d690 to your computer and use it in GitHub Desktop.
Mac OS X fix for Bash bug
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Source | |
| # http://apple.stackexchange.com/questions/146849/how-do-i-recompile-bash-to-avoid-the-remote-exploit-cve-2014-6271/146851#146851 | |
| # | |
| # Test for vulnerablity | |
| # $ env x='() { :;}; echo vulnerable' bash -c 'echo hello' | |
| # If you want to disable auto-imported functions, uncomment the following | |
| # export ADD_IMPORT_FUNCTIONS_PATCH=YES | |
| mkdir bash-fix | |
| cd bash-fix | |
| curl https://opensource.apple.com/tarballs/bash/bash-92.tar.gz | tar zxf - | |
| cd bash-92/bash-3.2 | |
| curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0 | |
| curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-053 | patch -p0 | |
| # See note above about ADD_IMPORT_FUNCTIONS_PATCH | |
| [ "$ADD_IMPORT_FUNCTIONS_PATCH" == "YES" ] && curl http://alblue.bandlem.com/import_functions.patch | patch -p0 | |
| cd .. | |
| xcodebuild | |
| build/Release/bash --version # GNU bash, version 3.2.53(1)-release | |
| build/Release/sh --version # GNU bash, version 3.2.53(1)-release | |
| sudo mv /bin/bash{,.old} | |
| sudo cp /bin/sh{,.old} | |
| sudo cp build/Release/bash /bin | |
| sudo cp build/Release/sh /bin | |
| sudo chmod a-x /bin/bash.old /bin/sh.old |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment