BASH

BASH

The GNU Bourne-Again SHell

Mehmet Keçeci

28.09.2014

BASH

Bugünlerde en çok konuşulan konulardan biri de Heartbleed’den sonra ki BASH veya Shellshock Bug’u, böceği yani işletim sistemi (İS, OS, Operating System) açığı. Bu açık GNU işletim sistemlerini, Unix-base, Unix-tabanlı işetim sistemlerini etkilemektedirler. Unix-tabanlı işletim sistemleri Debian, BSD, Linux, MacOS, Android, iOS vs. BASH bir Shell, kabuk veya CLI, komut dili yorumlayıcısı (command language interpreter) veya command-line interpreter, komut-satırı yorumlayıcısıdır. Örnek için [1]. Farklı shell türleri vardır. Örneğin: Bourne shell (sh), Almquist shell (ash), Debian Almquist shell (dash), BASH (Unix shell, bash), Korn shell (ksh), Z shell (zsh), C shell (csh), TENEX C shell (tcsh), Ch shell (ch), Emacs shell (eshell), friendly interactive shell (fish), rc shell (rc), Scheme Shell (scsh), Stand-alone Shell (sash), BeanShell, Remote/Restricted shell (rsh).

Yormlayıcı/Interpreter: Yazılım dilindeki bir talimatı çalışması için bir sonraki  talimatına çevirir. Yüksek Seviyeli (High-Level) bir dil ile yazılan komutu makina diline çevirir.

Unix komut yorumlayıcıları Shell, kabuk olarak adlandırılırlar.

Bash is the shell, or command language interpreter, that will appear in the GNU operating system. Bash is an sh-compatible shell that incorporates useful features from the Korn shell (ksh) and C shell (csh). It is intended to conform to the IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. It offers functional improvements over sh for both programming and interactive use. In addition, most sh scripts can be run by Bash without modification. Bash is quite portable. It uses a configuration system that discovers characteristics of the compilation platform at build time, and may therefore be built on nearly every version of UNIX. Ports to UNIX-like systems such as QNX and Minix and to non-UNIX systems such as OS/2, Windows 95/98, and Windows NT are available. [2]

Rusça/Russian:

Bash – оболочка операционной системы, или интерпретатор команд операционной системы,  которая появится в операционной системе GNU. Bash является SH-совместимая оболочкой, совмещающей некоторые полезные функции оболочки Korn (ksh) и C Shell (csh). Она сконструирована, чтобы соответствовать IEEE POSIX P1003.2/ISO 9945,2 Shell и стандартным инструментам. Она предоставляет функциональную среду sh для программирования и интерактивного использования. Кроме того, большинство sh скриптов могут быть запущены Bash без изменений. Bash вполне портативен. Он использует конфигурацию системы, которая обнаруживает характеристики платформы компиляции во время сборки, и поэтому может быть построен практически на каждой версии UNIX. Порты для UNIX-подобных системах, таких как QNX и Minix и не-UNIX систем, таких как OS / 2, Windows 95/98 и Windows NT доступны. [3]

Sırp-Hırvatça/Serbo-Croatian:

Bash je omotač, ili prevodilac komandnog jezika, koji će se pojaviti u GNU operativnom sistemu. Bash je sh-kompatibilni omotač koji sadrži korisne funkcije iz Korn shell (ksh) i C shell (csh). Namera je da se povinuje IEEE POSIX P1003.2/ISO 9945.2 Shell i standardnim alatima. Nudi funkcionalna poboljšanja u odnosu na sh za programiranje i interaktivno korišćenje. Pored toga, većina sh skripti može da se pokrene sa Bash bez modifikacije. Bash je prilično prenosiv. On koristi konfiguracioni sistem koji otkriva karakteristike kompilacione platforme za vreme izgradnje, i zbog toga može biti izgrađen na skoro svakoj verziji UNIX-a. Portovi na UNIX sistemima kao što su QNX i Minix i na ne-UNIX sistemima, kao što su OS/2, Windows 95/98 I Windows NT su na raspolaganju. [4]

Çekçe/Czech:

Bash je shell nebo příkazový interpret, který se objeví v operačním systému GNU. Bash je jedním z sh-kompatibilních skořápka, která přináší užitečná vylepšení z Korn shellu (ksh) a C shellu (csh). Je určena k odpovídat IEEE POSIX Shell a P1003.2/ISO 9945,2 Nástroje standardu. Nabízí funkční zlepšení oproti sh jak pro programování a interaktivní využití. Navíc, většina sh skripty se spustí Bash bez úprav. Bash je velmi přenosný. Používá konfigurační systém, který zjišťuje vlastnosti kompilace platformy okamžiku sestavení, a může být tedy postavena na téměř každé verzi systému UNIX. Porty na unixových systémech jako QNX a Minix a non-UNIX systémů, jako je OS / 2, Windows 95/98 a Windows NT jsou k dispozici. [5]

Bash ile yapılabilecekler:

  1. Command line editing
  2. Unlimited size command history
  3. Job Control
  4. Shell Functions and Aliases
  5. Indexed arrays of unlimited size
  6. Integer arithmetic in any base from two to sixty-four [6]

Yeni başlayanlar için Bash Shell kılavuzları. [7, 8, 9]

IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. [10]

Kurulum: Yazılım Merkezinden/Software Center doğrudan kurabileceğiniz gibi komut satırındanda kurabilirsiniz. Son güncellemeyi indirmeden doğrudan kurulum yapabilirsiniz.

Komut satırına:

$ wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
$ tar -zxvf bash-4.3.tar.gz

$ sudo apt-get/yum install bash

$ echo $BASH_VERSION
4.3.24(1)-release

Açık için güncellemeleri devamlı yapmanız gerekir.

Ubuntu:

$ sudo apt-get update

$ sudo apt-get upgrade

$ apt-get install –only-upgrade bash

$ sudo apt-get dist-upgrade

$ sudo apt-get upgrade bash

sudo dpkg-reconfigure unattended-upgrades

veya

RedHat, Fedora, CentOS, Tails, BioLinux, Scientific Linux

yum clean all
$ sudo yum -y update bash

$ yum update bash -y

$ sudo yum update bash

Arch Linux:

pacman -Sy bash

OS X (Mavericks, Mountain Lion, Lion): brew [16]

brew update
brew install bash
sudo sh -c ‘echo “/usr/local/bin/bash” >> /etc/shells’
chsh -s /usr/local/bin/bash
sudo mv /bin/bash /bin/bash-backup
sudo ln -s /usr/local/bin/bash /bin/bash

MacPort:

sudo port self update
sudo port upgrade bash

ile eski bash versiyonunu güncelleyebilirsiniz. Daha sonra Uç Birim/Terminal/Konsoldan şu komutu verelim.

$ env x='() { :;}; echo vulnerable/Savunmasız‘ bash -c “echo this is a test/Bu bir testir”

enter’a bastığımızda “vulnerable/Savunmasız” yazısı çıkıyor ise sisteminiz açıktır ve güncelleme gerekir. Güncelledikten sonra sadece “this is a test/Bu bir testir” yazısı geliyor ise sisteminiz güncellenmiş açık kapatılmıştır.

veya

$ env ‘VAR=() { :;}; echo Bash is vulnerable/savunmasızdır!’ ‘FUNCTION()=() { :;}; echo Bash is vulnerable/Savunmasızdır!’ bash -c “echo Bash Test/Testir”
Sonuç “Bash Test/Testir” şeklinde ise güncellemeniz tamamdır.

$ rpm -qa bash

veya

$ bash –version

komutları ile versiyon numarasını öğrenebilirsiniz.

Kaynaklar/References:

  1. http://www.cs.cmu.edu/afs/cs.cmu.edu/misc/avs/common/omega/doc/devguide/ch05.ps
  2. http://tiswww.case.edu/php/chet/bash/bash-intro.html
  3. http://www.azoft.com/edu/bash.html
  4. http://science.webhostinggeeks.com/bash-bourne
  5. http://led24.de/blog/bash-bourne-shell-znovu
  6. http://www.gnu.org/software/bash/bash.html
  7. http://www.gnu.org/software/bash/manual/bash.html
  8. http://ftp.gnu.org/gnu/bash/
  9. http://tldp.org/LDP/Bash-Beginners-Guide/html/chap_01.html
  10. http://standards.ieee.org/findstds/interps/1003-2-92_int/index.html
  11. http://www.chintech.org/chinwiki/index.php/IEEE_POSIX_P1003.2/ISO_9945.2
  12. https://wiki.ubuntu.com/Security/Upgrades
  13. http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-6271.html
  14. https://access.redhat.com/articles/1200223
  15. http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability
  16. http://brew.sh/index_tr.html
  17. https://shellshocker.net/#fix
  18. https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-shellshock-bash-vulnerability
(Visited 21 times, 1 visits today)
Mehmet Keçeci on FacebookMehmet Keçeci on GithubMehmet Keçeci on GoogleMehmet Keçeci on InstagramMehmet Keçeci on LinkedinMehmet Keçeci on PinterestMehmet Keçeci on RssMehmet Keçeci on TwitterMehmet Keçeci on VimeoMehmet Keçeci on WordpressMehmet Keçeci on Youtube
Mehmet Keçeci
Physicist
Mehmet Keçeci (Kececi, Kecheci)
PhD. Candidate, 2001-2003
Master of Science in Physics (MSc.): Fizik Bilim Uzmanı (1998-2001)
Occupational Safety Specialist, OSS: İş Güvenliği Uzmanı, İGU, 2016
Portion of Lesson is finished 2001-2003 (PhD. Doctorate - Physics)
Physicist: Fizikçi

Mefumetto Kecheji
メフメット ケチェジ
めふめつと けちえじ
محمت (محمد) كچه‌جى
Мехмет Кечеджи

Research Areas: Quantum Field Theory (QFT), Instanton, Conformal Field Theory (CFT), High Energy Physics (HEP), Particle Physics, High Magnetic Fields, Hydrocarbons Behaviour, Biophysics, Astrophysics, Cosmology, Cosmogony, Bioinformatics, Programming Languages, Web Servers, Information Technology (IT), Software, Operating Systems (OSs), History of Science and Technology, Philosophy of Science, Ethics, Science and Technology Management, Leadership, Morals and Religion, Interdisciplinary Relationship, Health Information System (HIS), Occupational Safety, Data Bases, Big Data, Superconductivity, Medical Physics, Radioactivity, Internet of Things (IoTs), Mathematical Physics, Electronics, Intelligent Systems, Education, Physics Education, Philosophy of Physics, Book/e-Book Publish & Edit, CMS, SEO, E-Learning, LMS, L&D, Open Digital Badges, Blockchain.

Affiliation Scientific Journals, Duty at International Scientific Publications: Reviewer

International Scientific Programs: Member of Technical Program Committee (TPC)

International Papers: 2n-Dimensional at Fujii Model Instanton-Like Solutions and Coupling Constant's Role between Instantons with Higher Derivatives. Turkish Journal of Physics
Turk. J. Phys., 35, (2011), 173-178. Mehmet Keçeci
DOI: 10.3906/fiz-1012-66

Online CV (Keçeci Model CV)
1. https://issuu.com/hiperteknoloji/docs/cv-mk (English: Keçeci Model CV, updated: Güncellenen)
2. https://www.kotobee.com/ebook/mkececi#/loading (English: Keçeci Model CV)
3. https://education.microsoft.com/Story/Lesson?token=v9eGC (English)
4. https://education.microsoft.com/Story/Lesson?token=k0o4P (Turkish)
5. https://1drv.ms/o/s!AhhtzpemsW4-hGelP3_wPK3xU9al (English)
6. https://1drv.ms/o/s!AhhtzpemsW4-hGvMecE0bYVR2I3N (Turkish)
7. https://www.youtube.com/watch?v=jq2r7-suRkw
8. https://vimeo.com/218462945
9. http://fliphtml5.com/bookcase/fxth
10. https://mix.office.com/watch/iqdf24j1efu4
11. https://docs.google.com/presentation/d/1ZR8BapjoTxcyuY-YuPFUUZvtHTiJRawEFNsn0f2XjX4/pub
12. https://sway.com/2CKhCaImWnWPz83I
13. https://docs.com/kececi/6848/kececi-model-cv
14. https://www.slideshare.net/hiperteknoloji/kececi-model-cv
15. https://issuu.com/hiperteknoloji/docs/cv-mk
16. https://education.microsoft.com/Status?token=EeDJmtL6

Leave a Comment