If you haven’t heard about the bash “shellshock” bug yet, it may be time to peek out from underneath the rock you’ve been under ;). While bash isn’t installed as standard on FreeBSD, there’s a very good chance that someone either installed it because it’s their preferred shell or because one of the ports lists it as a dependency. Either way, now would be a really good time to check if your machine has bash installed if you haven’t done so already. Go on, I’ll wait.

Anyhow, right now you really need to check for updates on the bash port on a daily basis as the updates are coming in at a pretty furious rate. I’m guessing we’ll be back to normal pretty soon, but right now with exploits already in wild, your server will need some extra grooming.

Of course the other, simpler option is to uninstall bash, unless one of the ports you are using has it as a dependency…

Leave a Reply