top | item 46946543 (no title) chillax | 21 days ago Related: Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) https://labs.watchtowr.com/someone-knows-bash-far-too-well-a... discuss order hn newest ddtaylor|21 days ago I think there is an easier substitution attack since there is shell expansion occuring. I will toy with it later today. PhilipRoman|21 days ago The array indexing thing is a special case in [[...]] which is otherwise more-or-less secure (no expansion occurs under typical unquoted variable access). https://news.ycombinator.com/item?id=46631811 faresfa|21 days ago [deleted]
ddtaylor|21 days ago I think there is an easier substitution attack since there is shell expansion occuring. I will toy with it later today. PhilipRoman|21 days ago The array indexing thing is a special case in [[...]] which is otherwise more-or-less secure (no expansion occurs under typical unquoted variable access). https://news.ycombinator.com/item?id=46631811 faresfa|21 days ago [deleted]
PhilipRoman|21 days ago The array indexing thing is a special case in [[...]] which is otherwise more-or-less secure (no expansion occurs under typical unquoted variable access). https://news.ycombinator.com/item?id=46631811
ddtaylor|21 days ago
PhilipRoman|21 days ago
faresfa|21 days ago
[deleted]