Hi Raphael,
> When you say "upstream" here, you refer to login or dropbear?
> You are explaining that the distinction in the PATH set for root and
> non-root already exists in login... so you agree that a similar change
> ought to be done in dropbear, is that correct ?
Dropbear "upstream" will
Hello Matt,
thanks for the quick answer!
On Mon, 09 Jul 2018, Matt Johnston wrote:
> > When dropbear is used in a very restricted environment (such as in a
> > initrd), the default user shell is often also very restricted
> > and doesn't take care of setting the PATH so the user ends up
> > with
> When dropbear is used in a very restricted environment (such as in a
> initrd), the default user shell is often also very restricted
> and doesn't take care of setting the PATH so the user ends up
> with the PATH set by dropbear. Unfortunately, dropbear always
> sets "/usr/bin:/bin" as default
Control: severity -1 minor
Hi Raphael,
On Mon, 09 Jul 2018 at 16:27:53 +0200, Raphael Hertzog wrote:
> For a concrete instance of this problem, see the "Remote Unlocking"
> section in this tutorial:
> https://paxswill.com/blog/2013/11/04/encrypted-raspberry-pi/
I don't mind the patch but FWIW,
Source: dropbear
Version: 2018.76-1
Severity: normal
Tags: patch
User: de...@kali.org
Usertags: origin-kali kali-patch
When dropbear is used in a very restricted environment (such as in a
initrd), the default user shell is often also very restricted
and doesn't take care of setting the PATH so
5 matches
Mail list logo