Skip to content

Commit

Permalink
Fix shebang in bash build scripts
Browse files Browse the repository at this point in the history 
Looking for BASH in the environment instead of invoking it directly
enables attacks where malware could escalate privileges by pointing BASH
to itself and tricking the user into entering a superuser password when
a user invokes our script, a familiar request the user may be expecting.
  • Loading branch information
@kj4ezj
kj4ezj committed Mar 17, 2023
1 parent 0697aa3 commit 03b1ebd
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion scripts/install_deps.sh
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
#!/usr/bin/env bash
#!/bin/bash

apt-get update
apt-get update --fix-missing
Expand Down
2 changes: 1 addition & 1 deletion scripts/pinned_build.sh
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
#!/usr/bin/env bash
#!/bin/bash
set -eo pipefail

echo "Leap Pinned Build"
Expand Down

0 comments on commit 03b1ebd

Please sign in to comment.