FU shell / News: Recent posts

fush is developed on FreeBSD 5.2 Beta. Using the sourceforge compile farm, fush has now been ported to Linux (Debian, Redhat), Darwin(OS X 10.2) and Solairs (SunOS 5.9)! try it out!

a possibly exploitable format string vulnerability was found with the help of Tina Bird of Firewall Wizards fame on Friday Nov 21, 2003. This bug exists because format strings were not properly striped before a call to syslog from user supplied data. The bug has been fixed in version 0.6.0.

This bug can consistantly crash fush priot to version 0.6 by entering the string "%s %s" on the command line. While it may be possilbe to overwrite random memory by using the %n format string, it is beleived to not be possible to overwrite arbitrary with meaningful data because this buffer passed to syslog exists on the heap not the stack.... read more

first beta release! Download it now!
configure
make
make install
Sit back and relax as users are now fully loged and restricted from doing the nasty on your box.

The web page is up. Check it out. Many enhancements planed for next 2 weeks.

version 0.4 is now available. Documentation for version 0.4 is available ( README ), although limited. All core features are now available!!! With some work and refinement, version 1.0 should be available in about two weeks!

bug fixes and history support.

The foosh code is available and working! Shell features include, command redirect (output only ATM), pipes, background tasks, -c shell option, PROMPT environment variable, setting environment with export and putenv.