[Bug 1459201] Re: privmode patch disables setuid protection
Bug Watch Updater
1459201 at bugs.launchpad.net
Mon Jul 27 03:19:59 UTC 2015
** Changed in: bash (Debian)
Status: Won't Fix => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1459201
Title:
privmode patch disables setuid protection
Status in bash package in Ubuntu:
Fix Released
Status in bash package in Debian:
Fix Released
Bug description:
Debian carries a patch called "privmod.diff" that prevents bash from
dropping privileges when setuid if not called "sh".
This patch should be removed as it disables a bash security feature.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1459201/+subscriptions
More information about the foundations-bugs
mailing list