-
All replies
-
Helpful answers
-
Oct 8, 2014 7:10 AM in response to sonalnjby QuickTimeKirk,You'll need to upgrade your version of OS X to apply Apple's "patch".
-
Oct 8, 2014 11:03 AM in response to sonalnjby scott01,I also run 10.6.8. You can check its vulnerability to shellshock by pasting this line into Terminal (in /Applications/Utilities):
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
You will find that the version of bash in 10.6.8 is "vulnerable."
If you don't want to "upgrade" your OS, but want to use Apple's bash updater for Lion, read this: "How to create a ‘Shell Shock’ Bash Update installer for OS X 10.6"
I have not tried this fix yet myself, so I can't vouch for its safety, but Apple has left loyal Snow Leopard users little choice. (I also run Mavericks -- when I absolutely have to -- and infinitely prefer Snow Leopard.)
-
Oct 8, 2014 4:54 PM in response to sonalnjby BobHarris,How do I check if my macbook with 10.6.8 is protected from shellshock?
If you do not run a web server that also uses CGI scirpt which also use bash scripts or go through bash to invoke the script,
AND you do not allow anonymous users to ssh into your Mac, such as you run a GITHub source code control system allowing strangers to access the sources,
AND you do not enable the Common Unix Printing System (CUPS) web interface,
then you are unlikely to have any risk from ShellShock.
But if you are worried, follow the suggestions provided by others. Or consider upgrading to a newer version of Mac OS X.
-
Dec 27, 2014 7:50 AM in response to sonalnjby virtualruffy,shellshock fix and network time protocol fix in thread Snow Leopard users: Turn off automatic date and time in System Preferences immediately
or get both at https://drive.google.com/folderview?id=0BxQCbeIgpA2uVjFiN1h4bGZNQ2c&usp=sharing