[File] /usr/bin and /bin
Christos Zoulas
christos at zoulas.com
Thu May 27 17:26:53 UTC 2021
Hi, I am annoyed by that too (but not yet to the level that I have sat down
to think how to fix it :-)
christos
> On May 27, 2021, at 12:55 PM, Steve Grubb <sgrubb at redhat.com> wrote:
>
> Hello,
>
> I was wondering something. There are distributions that have /bin and /sbin
> symlinked to /usr/bin and /usr/sbin respectively. Because files could be in
> either place, there are tests like:
>
> #!/bin/sh
> echo DEFANGED.2
> exit
> #!\ /bin/bash
> #!\ /usr/bin/bash
> #!\ /usr/local/bash
> #!\ /usr/local/bin/bash
>
> and the same would apply to any other script with a shebang. Could this be
> solved programmatically rather than having to do this throughout the magic db
> for every script? I'm thinking this could make the magic db smaller and lower
> the maintenance associated.
>
> Best Regards,
> -Steve
>
>
> --
> File mailing list
> File at astron.com
> https://mailman.astron.com/mailman/listinfo/file
>
>
> --
> This message has been 'sanitized'. This means that potentially
> dangerous content has been rewritten or removed. The following
> log describes which actions were taken.
>
> Sanitizer (start="1622134559"):
> SanitizeFile (filename="unnamed.txt", mimetype="text/plain"):
> Match (names="unnamed.txt", rule="9"):
> Enforced policy: accept
>
> Defanged UNIX shell script(s).
> Total modifications so far: 1
>
>
> Anomy 0.0.0 : Sanitizer.pm
> $Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 235 bytes
Desc: Message signed with OpenPGP
URL: <https://mailman.astron.com/pipermail/file/attachments/20210527/7f32ae55/attachment.asc>
More information about the File
mailing list