X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:references :mime-version:content-type:in-reply-to; q=dns; s=default; b=vcu5 m5Spgw3S5q0+cGiAj2CFQLEV89hHLTzgyhlslch6i8TyIu41cFTn3EISu+7cnplo QYww/SFdQvuIGKaaF6CMTq+E9sOI+SrLGBn2tBodmg/r6oi7qt9FGjboz+9FH2R7 aO95zI20rjTeEdKYEAiNawFk8ayS4t0+IQKp/pQ= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:references :mime-version:content-type:in-reply-to; s=default; bh=3+RohL9aW5 YQ+zB+1VHHKTLKPvU=; b=W+3aFxORYdnd1p6OFfLAlDbjXgSphgHj4tjV/aXW18 WYGMAqCB41Tnx7ggV8BQVxGbNeGmi/1SJ0w5Z5lznHrWAcrXj8OrGuIZlDmwdu68 IiHrh8k0eU4tkriXas7yHJIAHZVsGuYJze7SYIjqkTBlyOnlzvFmvM/SHhalh2Y5 g= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com X-Spam-SWARE-Status: No, score=-6.0 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KHOP_PGP_SIGNED,KHOP_RCVD_TRUST,RCVD_IN_DNSWL_LOW,RCVD_IN_HOSTKARMA_YE autolearn=ham version=3.3.1 X-Received: by 10.68.212.168 with SMTP id nl8mr5717278pbc.43.1365824458893; Fri, 12 Apr 2013 20:40:58 -0700 (PDT) Date: Fri, 12 Apr 2013 21:40:53 -0600 From: Erik Falor To: cygwin AT cygwin DOT com Subject: Re: /dev/tcp support in bash shell Message-ID: <20130413034053.GJ2177@raspberrypi> Mail-Followup-To: cygwin AT cygwin DOT com References: <1132116354 DOT 20130413034910 AT mtu-net DOT ru> <5168B0E1 DOT 3050808 AT cygwin DOT com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4LFBTxd4L5NLO6ly" Content-Disposition: inline In-Reply-To: <5168B0E1.3050808@cygwin.com> User-Agent: Mutt/1.5.21 (2010-09-15) X-Virus-Found: No --4LFBTxd4L5NLO6ly Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Apr 12, 2013 at 09:12:01PM -0400, Larry Hall (Cygwin) wrote: > On 4/12/2013 7:49 PM, Andrey Repin wrote: > >Greetings, Cary Lewis! > > > >>Are there any plans to add /dev/tcp/... support in Cygwin? > > > >Any use cases for that? >=20 > Here's one: >=20 > >=20 > Bye, bye Chrome. ;-) I have really mixed feelings about this feature of Bash. It can be a real lifesaver on systems where tools like wget, curl or even netcat are missing. On the other hand, it could be a big security risk: http://www.gnucitizen.org/blog/reverse-shell-with-bash/ http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet Despite the ease of allowing a reverse shell or some other exploit to occur, I think there are far more powerful and exploitable holes in a system than Bash. But maybe I'm just not paranoid enough... --=20 Erik Falor http://unnovative.net Registered Linux User #445632 http://linuxcounter.net --4LFBTxd4L5NLO6ly Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlFo08UACgkQpMTu6iYtwsfi4gCgnzHvRCD2Z5yrZ8ZX5sk5XawK JGwAn0fDg8M7D3CE5/Sfnlw2zBp4qm6o =y5m/ -----END PGP SIGNATURE----- --4LFBTxd4L5NLO6ly--