From 3c527cc4721713be61d5e02a14d019feb16c3822 Mon Sep 17 00:00:00 2001
From: epriestley
Date: Thu, 25 Sep 2014 11:21:11 -0700
Subject: [PATCH] Add a setup issue to detect systems vulnerable to "Shellshock"

Summary: Ref T6185. Although it seems that we can't easily defuse or mitigate this, we can at least warn administrators.

Test Plan: Ran on my (unpatched, local) system, got a setup warning.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T6185

Differential Revision: https://secure.phabricator.com/D10561
---
 src/__phutil_library_map__.php | 2 +
 .../check/PhabricatorSetupCheckSecurity.php | 49 +++++++++++++++++++
 2 files changed, 51 insertions(+)
 create mode 100644 src/applications/config/check/PhabricatorSetupCheckSecurity.php

diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
index a8f81bc6f6..ff0d0bb903 100644
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -2256,6 +2256,7 @@ phutil_register_library_map(array(
 'PhabricatorSetupCheckPath' => 'applications/config/check/PhabricatorSetupCheckPath.php',
 'PhabricatorSetupCheckPygment' => 'applications/config/check/PhabricatorSetupCheckPygment.php',
 'PhabricatorSetupCheckRepositories' => 'applications/config/check/PhabricatorSetupCheckRepositories.php',
+ 'PhabricatorSetupCheckSecurity' => 'applications/config/check/PhabricatorSetupCheckSecurity.php',
 'PhabricatorSetupCheckStorage' => 'applications/config/check/PhabricatorSetupCheckStorage.php',
 'PhabricatorSetupCheckTimezone' => 'applications/config/check/PhabricatorSetupCheckTimezone.php',
 'PhabricatorSetupIssue' => 'applications/config/issue/PhabricatorSetupIssue.php',
@@ -5240,6 +5241,7 @@ phutil_register_library_map(array(
 'PhabricatorSetupCheckPath' => 'PhabricatorSetupCheck',
 'PhabricatorSetupCheckPygment' => 'PhabricatorSetupCheck',
 'PhabricatorSetupCheckRepositories' => 'PhabricatorSetupCheck',
+ 'PhabricatorSetupCheckSecurity' => 'PhabricatorSetupCheck',
 'PhabricatorSetupCheckStorage' => 'PhabricatorSetupCheck',
 'PhabricatorSetupCheckTimezone' => 'PhabricatorSetupCheck',
 'PhabricatorSetupIssueExample' => 'PhabricatorUIExample',
diff --git a/src/applications/config/check/PhabricatorSetupCheckSecurity.php b/src/applications/config/check/PhabricatorSetupCheckSecurity.php
new file mode 100644
index 0000000000..f399d5302d
--- /dev/null
+++ b/src/applications/config/check/PhabricatorSetupCheckSecurity.php
@@ -0,0 +1,49 @@
+ '() { :;} ; echo VULNERABLE',
+ );
+
+ list($err, $stdout) = id(new ExecFuture('echo shellshock-test'))
+ ->setEnv($payload, $wipe_process_env = true)
+ ->resolve();
+
+ if (!$err && preg_match('/VULNERABLE/', $stdout)) {
+ $summary = pht(
+ 'This system has an unpatched version of Bash with a severe, widely '.
+ 'disclosed vulnerability.');
+
+ $message = pht(
+ 'The version of %s on this system is out of date and contains a '.
+ 'major, widely disclosed vulnerability (the "Shellshock" '.
+ 'vulnerability).'.
+ "\n\n".
+ 'Upgrade %s to a patched version.'.
+ "\n\n".
+ 'To learn more about how this issue affects Phabricator, see %s.',
+ phutil_tag('tt', array(), 'bash'),
+ phutil_tag('tt', array(), 'bash'),
+ phutil_tag(
+ 'a',
+ array(
+ 'href' => 'https://secure.phabricator.com/T6185',
+ 'target' => '_blank',
+ ),
+ pht('T6185 "Shellshock" Bash Vulnerability')));
+
+ $this
+ ->newIssue('security.shellshock')
+ ->setName(pht('Severe Security Vulnerability: Unpatched Bash'))
+ ->setSummary($summary)
+ ->setMessage($message);
+ }
+
+ }
+}
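Review bot: The probe at `list($err, $stdout) = id(new ExecFuture('echo shellshock-test'))` only exercises whichever shell ExecFuture uses to launch the command, so on a host whose command shell is not bash the check will presumably report the system clean even if an unpatched bash is installed; the issue text says nothing about this, and a comment should, e.g. `// Exports a function definition through the environment and watches for the trailing command being run. This tests the shell ExecFuture invokes, not necessarily /bin/bash, so a clean result does not prove bash itself is patched.` placed above the `list(...)` line. The `$wipe_process_env = true` argument is an assignment used as an inline label; a `// wipe the environment so only the probe variable reaches the child` comment on that line would state the intent without the side-effect-looking assignment. The top of this hunk — the file header, class declaration and the `$payload` array key — appears to have been lost in rendering, so the enclosing method begins outside what is visible here.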