这是一个创建于 3711 天前的主题,其中的信息可能已经有所发展或是发生改变。
看起来好像挺严重的,OS X 普通用户有什么安全隐患,需要注意什么
3 条回复 • 2014-09-26 23:54:35 +08:00
 |
1
janxin 2014-09-26 20:46:27 +08:00
你可以参考这个: http://unix.stackexchange.com/questions/157442/what-is-the-severity-of-the-new-bash-exploit-shellshock
普通用户如果没有开放什么服务(Git OpenSSH or 端口转发 or 你开了个Web service)应该问题不太大,osx的dhcp应该是没问题的,如果我错了,请指教... |
 |
3
wuhx 2014-09-26 23:54:35 +08:00  1
@bumz
https://access.redhat.com/articles/1200223 CGI scripts are likely affected by this issue: when a CGI script is run by the web server, it uses environment variables to pass data to the script. These environment variables can be controlled by the attacker. If the CGI script calls Bash, the script could execute arbitrary code as the httpd user. mod_php, mod_perl, and mod_python do not use environment variables and we believe they are not affected. |
Select Language