by dholl 4286 days ago
I got tired of the hype. How's the following code for a mitigation?

Basically, if some program does invoke /bin/bash, control first passes to this code which truncates suspicious environment variables. (and it dumps messages to the system log if/when it finds anything...)

The check should match for any variety of white space:

=(){

=() {

= ( ) {

etc... but feel free to update it for whatever other stupid things bash allows.

The code is at http://ad5ey.net/bash_shock_fix.c

Simple usage:

cd /bin

gcc -std=c11 -Wall -Wextra bash_shock_fix.c -o bash_shock_fix

mv bash bash.real

ln -s bash_shock_fix bash

phoenix(pts/1):~bin# ls -al bash*

lrwxrwxrwx 1 root root 14 Sep 27 00:23 bash -> bash_shock_fix

-rwxr-xr-x 1 root root 1029624 Sep 24 14:51 bash.real

-rwxr-xr-x 1 root root 9555 Sep 27 00:23 bash_shock_fix

-rw-r--r-- 1 root root 2990 Sep 27 00:23 bash_shock_fix.c

phoenix(pts/1):~bin#
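The wrapper idea described in the post, as an added example rather than the author's bash_shock_fix.c (which is only linked above): a whitespace-tolerant check for the "( ) {" prefix, in-place truncation of matching variables, a syslog entry for each hit, and an exec of the renamed interpreter. It assumes the real bash was moved to /bin/bash.real as in the usage steps; the sample environment in demo_sanitize is constructed, not captured from a system.

```c
#include <ctype.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>

extern char **environ;
/* Does a value read as an exported function header, with any whitespace
 * (or none) between the tokens "(" ")" "{" ? */
int looks_like_function_export(const char *v)
{
    while (isspace((unsigned char)*v)) v++;
    if (*v++ != '(') return 0;
    while (isspace((unsigned char)*v)) v++;
    if (*v++ != ')') return 0;
    while (isspace((unsigned char)*v)) v++;
    return *v == '{';
}
/* Truncate each matching "NAME=value" entry to "NAME=" in place and log it.
 * Entries must be writable, as the process environment is. Returns hit count. */
int sanitize_environ(char **envp)
{
    int hits = 0;
    for (char **e = envp; *e != NULL; e++) {
        char *eq = strchr(*e, '=');
        if (eq == NULL || !looks_like_function_export(eq + 1)) continue;
        syslog(LOG_WARNING, "truncated suspicious variable %.*s", (int)(eq - *e), *e);
        eq[1] = '\0';
        hits++;
    }
    return hits;
}

/* Self-check on a constructed sample environment (not from a real system). */
int demo_sanitize(void)
{
    char a[] = "FUNC=() { echo hi; }", b[] = "ODD= ( ) {";  /* both truncated */
    char c[] = "PATH=/usr/bin", d[] = "NOEQUALS";           /* kept, skipped */
    char *env[] = { a, b, c, d, NULL };
    int hits = sanitize_environ(env);
    return (strcmp(a, "FUNC=") == 0 && strcmp(c, "PATH=/usr/bin") == 0) ? hits : -1;
}

int main(int argc, char **argv)
{
    (void)argc;
    openlog("bash_shock_fix", LOG_PID, LOG_AUTH);
    sanitize_environ(environ);
    execv("/bin/bash.real", argv); /* assumed location of the renamed real bash */
    return 127;                    /* only reached if execv fails */
}
```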