Active Topics
-
Firefox with Leste (5)
to Maemo 7 / Leste by teroyk - 3 days, 18 hrs ago -
Handbook (2)
to Maemo 7 / Leste by teroyk - 4 days, 18 hrs ago - more...
 |
|
2014-09-25
, 10:39
|
|
Posts: 2,355 |
Thanked: 5,249 times |
Joined on Jan 2009
@ Barcelona
|
#12
|
Originally Posted by Bundyo
But do you run a webserver on your Jolla? That can run CGI scripts?
Probably like this, check the Internet Scans section:
http://www.volexity.com/blog/?p=19
 |
|
2014-09-25
, 10:41
|
|
Posts: 4,708 |
Thanked: 4,649 times |
Joined on Oct 2007
@ Bulgaria
|
#13
|
Not yet 
__________________
Technically, there are three determinate states the cat could be in: Alive, Dead, and Bloody Furious.
Technically, there are three determinate states the cat could be in: Alive, Dead, and Bloody Furious.
 |
|
2014-09-25
, 11:01
|
|
Posts: 6,436 |
Thanked: 12,699 times |
Joined on Nov 2011
@ Ängelholm, Sweden
|
#15
|
@javispedro #paranoiaeverywhere, lol
|
|
2014-09-25
, 13:38
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#17
|
Originally Posted by coderus
Wont have to wait long
anyway, waiting for bash update in nieldk repo
Edit: https://openrepos.net/content/nieldk/bash
patchlevel 25, which fixes #shellschock
source (and binaries)
https://build.merproject.org/package...elnielsen/bash
Last edited by nieldk; 2014-09-25 at 15:38. Reason: Added screenshot
|
|
2014-09-25
, 14:49
|
|
Posts: 1,548 |
Thanked: 7,510 times |
Joined on Apr 2010
@ Czech Republic
|
#18
|
Originally Posted by javispedro
Yeah, but as people are expected to publish compiled binaries, any QAed application can still every April 1 grab all your pictures and post them to Imgur.
The JollaStore RPM packages are somewhat safer, but only because they are manually/statically analyzed.
And the store QA has no realistic chance to find about this beforehand. Still better than running as root, but there is still a lot of sensitive content accessible to unpriviledged accounts & full network access for all apps.
__________________
modRana: a flexible GPS navigation system
Mieru: a flexible manga and comic book reader
Universal Components - a solution for native looking yet component set independent QML appliactions (QtQuick Controls 2 & Silica supported as backends)
modRana: a flexible GPS navigation system
Mieru: a flexible manga and comic book reader
Universal Components - a solution for native looking yet component set independent QML appliactions (QtQuick Controls 2 & Silica supported as backends)
| The Following User Says Thank You to MartinK For This Useful Post: | ||
|
|
2014-09-25
, 16:17
|
|
Posts: 170 |
Thanked: 386 times |
Joined on Dec 2009
|
#19
|
Originally Posted by vincr
When I ran the test command on my N9 it showed it was affected. I don't run a web server on it but I would be interested if there is any way to patch the N9 and N900 (haven't tested) once the mainstream patches get sorted.
Wrong subforum, but what about Maemo and Meego? These OS'es are infected too with this bug isn't it?
 |
|
2014-09-25
, 17:43
|
|
Posts: 6,445 |
Thanked: 20,981 times |
Joined on Sep 2012
@ UK
|
#20
|
Just tested on my N900 (Bash4).
(Source: http://xkcd.com/1200/)
Last edited by pichlo; 2014-09-25 at 20:23. Reason: Added xkcd link
Code:
~ $ env x='() { :;}; echo vulnerable'
bash -c "echo this is a test"
vulnerable
this is a test
~ $
Originally Posted by MartinK
Still better than running as root
(Source: http://xkcd.com/1200/)
Last edited by pichlo; 2014-09-25 at 20:23. Reason: Added xkcd link
| The Following 2 Users Say Thank You to pichlo For This Useful Post: | ||
http://www.volexity.com/blog/?p=19
Technically, there are three determinate states the cat could be in: Alive, Dead, and Bloody Furious.