/bin/sh: 0: Illegal option -p

berdav / CVE-2021-4034

CVE-2021-4034 1day

MIT License

1.94k stars 508 forks source link

/bin/sh: 0: Illegal option -p #5

Closed oussama13 closed 2 years ago

oussama13 commented 2 years ago

Running the script, I receive /bin/sh: 0: Illegal option -p on raspbian stretch

owl4ce commented 2 years ago

I guess -p only available on bash, zsh, ksh. If using dash, you only need remove the -p option. Needs to clarify. https://github.com/berdav/CVE-2021-4034/blob/87ebfb4d70699dbd96239ba5a7fb0b290aa979f5/pwnkit.c#L10

berdav commented 2 years ago

Probably we can add something to the Makefile (e.g. a check) to set a global variable.

I've pushed a patch which does that to the branch issue-5-illegal-sh-option, it needs some test but I think it can work (if all the shells supports -i).

berdav commented 2 years ago

It was just a missing setuid(0); and setgid(0);

Fixed in master. Closing for now.