unsafe bash executions #451

childnode opened this Issue Aug 8, 2016 · 2 comments


None yet

2 participants


e.g. sdkman-install.sh uses mkdir that is not a more or less secure bash function but might be overloaded by a simple user function. So, you should update any calls to mkdir to s.th. like /usr/bin/env mkdir to not execute the user function if it exist but the real mkdir binary.

This expands to many others like: rm, etc. too!

marc0der commented Aug 8, 2016

Pull requests welcome!


#lock /me is working on that

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment