Comment by jamescostian
7 years ago
This is immune to the attack:
bash -c "$(curl -sSLf "$URL")"
The key is to download first and then run.
7 years ago
Or better yet:
curl "$URL" > "$FILE"
less "$FILE"
bash "$FILE"
This attack only works at all if you download something and execute it immediately without looking at it.
Do you know if
works (sourcing from a Process Substitution)?
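The download-first, run-second approach discussed in this thread, written out as an added example (not code from any commenter). It fails closed when the transfer fails and can pin the file to a SHA-256 recorded when the script was reviewed. The names safe_run, fetch_to_file and the FETCH override are hypothetical, and sha256sum is assumed to be installed.

```shell
# Added example: download completely, verify, then execute the same bytes.
# FETCH is a hypothetical override so the downloader can be swapped out
# (for example with a stub when testing offline); the default is curl.

fetch_to_file() {
    # $1 = URL, $2 = output path. Exit status is the downloader's status,
    # so a dropped connection or HTTP error is visible to the caller.
    ${FETCH:-curl -sSLf} "$1" > "$2"
}

safe_run() {
    # $1 = URL, $2 = optional expected SHA-256 (hex) of the reviewed script.
    # Returns 1 on download failure, 2 on hash mismatch, otherwise the
    # script's own exit status. Nothing runs unless every check passes.
    url=$1
    expected=${2:-}
    tmp=$(mktemp) || return 1

    if ! fetch_to_file "$url" "$tmp"; then
        rm -f "$tmp"
        echo "download failed, nothing executed" >&2
        return 1
    fi

    if [ -n "$expected" ]; then
        actual=$(sha256sum "$tmp" | cut -d' ' -f1)
        if [ "$actual" != "$expected" ]; then
            rm -f "$tmp"
            echo "hash mismatch, nothing executed" >&2
            return 2
        fi
    fi

    # Execute the file on disk, never a second download: what runs is
    # exactly what was fetched (and, with a hash, what was reviewed).
    rc=0
    bash "$tmp" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Usage: safe_run "$URL"            (download, then run)
#        safe_run "$URL" "$SHA256"  (also require the reviewed hash)
```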