From 0021c29f7f25a5020091182c690407a753f933e4 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Mon, 19 Oct 2015 14:46:24 -0400
Subject: fixed join/shutdown problem, moving browsers and mail clients to a
 --shell=none default in profile files

---
 todo | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'todo')

diff --git a/todo b/todo
index 588eac18c..c9003c4d7 100644
--- a/todo
+++ b/todo
@@ -69,5 +69,18 @@ profile_syntax.exp (profile syntax)
 fs_chroot.exp (chroot as user)
 private-etc.exp
 
+8. Disable /dev/tcp in bash. Compiled time: --enable-net-redirections, --disable-net-redirections
+ksh and zsh seem to have it.
 
+Tests:
+a)
+cat </dev/tcp/time.nist.gov/13
+
+b)
+exec 3<>/dev/tcp/www.google.com/80
+echo -e "GET / HTTP/1.1\r\nhost: http://www.google.com\r\nConnection: close\r\n\r\n" >&3
+cat <&3
+
+c) A list of attacks
+http://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/
 
-- 
cgit v1.2.3-54-g00ecf