undefined | Better HN

0 pointseminence323y ago0 comments

Yeah, I'm familiar with PS1, but I was a bit surprised to learn that simple things that a PS1 script might do (git status, perhaps) are attack vectors. It seems that one big concern is the core.fsmonitor option (which I just learned about now). From the git-config man page:

> If set, the value of this variable is used as a command which will identify all files that may have changed since the requested date/time.

0 comments

gumby3y ago

> …PS1 script…

That’s where you should have been concerned. Just typing a bare return will run some arbitrary code, as you, wherever you might be in the filesystem. If all of that isn’t under your control, someone can do anything to you.

j / k navigate · click thread line to collapse

0 pointseminence323y ago0 comments

> If set, the value of this variable is used as a command which will identify all files that may have changed since the requested date/time.

0 comments

gumby3y ago

> …PS1 script…

j / k navigate · click thread line to collapse