The impact of the recent bash vulnerability is really a bit broad, and even Mac systems can't avoid it, and after you've updated the corporate server bash, now it's time to update my own MacBook bash.
1. To update bash, install the following components
Install command line Tools
Ruby-e "$ (curl-fssl https://raw.githubusercontent.com/Homebrew/install/master/install)"
The pop-up box lets the installation Xcode-select, as shown in figure:
Homebrew will not be installed until Xcode-select is installed.
2. Update Bash
The default bash version of the Mac system is 3.2.51 and we want to update to the latest version
sudo mv/bin/bash/bin/bash3.2.51
sudo ln-s/usr/local/bin/bash/bin/bash
GNU Bash, version 4.3.27 (1)-release (x86_64-apple-darwin13.4.0)
Ps:4.3.27 is currently the latest version
Then do the security settings for the backup bash:
sudo chmod a-x/bin/bash3.2.51
Env x= ' () {:;}; echo vulnerable ' bash-c ' echo this is a test
It means that the above bug has been fixed.
Env x= ' () {(a) => ' Sh-c "echo Date"; Cat Echo
If only date is output and there is no output time online, then the 2nd time the vulnerability is fixed, and there is a manual patch for bash on the web that will not pass the loophole.
If the above 2 vulnerabilities are not a problem, then you can try the 3rd one, this 3rd some say there are shows, some say no, anyway, I am here is not shown:
Env ls= ' () {echo vulnerable;} ' bash-c ls
If the vulnerable is not displayed, it means that the vulnerability has no effect on your machine.
Well, after the above repair, you can rest assured to do other things.
