Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: Security issue in Zsh restricted mode (zsh -r) – escape via history built‑ins

X-seq: zsh-workers 54188
From: cyber security <cs7778503@xxxxxxxxx>
To: Oliver Kiddle <opk@xxxxxxx>, cyber security <cs7778503@xxxxxxxxx>, zsh-workers@xxxxxxx
Subject: Re: Security issue in Zsh restricted mode (zsh -r) – escape via history built‑ins
Date: Thu, 12 Feb 2026 07:46:20 -0800
Arc-authentication-results: i=1; mx.google.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=SGnwEemgPieRXxqsErN7b704wNvwc7aoWH6qwUAUlx0=; fh=LCGiRGiH9gEM1MI0rlBa7KMn+bSYSGtb9gfMKPXA52s=; b=ggSlNeUxS1Q8ClrlxUzUJ6qz04rfXQ1KLtXUW1SvED5g/C9y320XoUlSl+8bibf7DH l3ansayaWf8TFZyBsWhWXO/0P84e01irFtwhamEyVydxdTjAoOEiZSXwJNS8iPhWZw9C 23FnDU3PJo+oxCdvjZbWepj0q7aKzdiQz4DMxEpnlrvl+kUkad07LjgiZHQdhpVFOcBw p9Gh78i6o4KHYjTsoTfu+zOytcIxpMsN/VzrHADlfxYhOPor5D1O5wSGvO5MEXM0zn1k +LCHeCAkV3oiT+9idJIWoKYJ0Hfh1164FOGLPrwIuUmxzFRigXMMYzo/P9gE3booFFpf 9XuA==; darn=zsh.org
Arc-seal: i=1; a=rsa-sha256; t=1770911179; cv=none; d=google.com; s=arc-20240605; b=ZHGJp7Isz/JRj2GkEQlpp3liSOlt3q1lYIT9f4XpHgIimZGgAdjoEupSAhW5b1k0bE T8jXJbvooO8Y0bqfH8e7vPRdznWGPiVoQEtfAuZJEFSayEYJkqicE0HyheVbThwo1xou IQvuzQbxhIyyf8h44m30WO+Qrqbl7oaq+SZlaYm31Mw5yIoOE5/K2v6nYbQQjPh7QOF+ 7FkNwQgfcRVQ9IoCg3z4s1VHVZttHmfrQw5y2jMb1Qp8uzjLa5/8bZPvXzvCI7Vp3Z1r 6ASqN5+XSCBpmnDdUByUvOxY/9S+2O7RD0TLk2Tw9KIHvcaBW784UH3g6vU5KMq3w/mw 3+JQ==
Archived-at: <https://zsh.org/workers/54188>
In-reply-to: <20260212T154126Z.QZvhXK3OcTu2@fnord.qqx.org>
List-id: <zsh-workers.zsh.org>
References: <CAPmip_z18_wQBZ09GG7TEKZ0GsTqQ34iZRvhsMAExOLSCcdQsg@mail.gmail.com> <72787-1769800688.979791@U6Lk.sn9M.AyYc> <CAHYJk3T4W+U3mCzqGB7LUkJp-JuUSiEBNe4hx0e-=zMyZQuPGQ@mail.gmail.com> <62255-1769947817.277408@Fj-1.JoGb.8iVT> <59616-1770769280.438132@XTM7.n7uI.5s3U> <20260212T154126Z.QZvhXK3OcTu2@fnord.qqx.org>

Yes, I agree.

On Thu, Feb 12, 2026 at 7:41 AM Aaron Schrab <aaron@xxxxxxxxxx> wrote:
>
> At 01:21 +0100 11 Feb 2026, Oliver Kiddle <opk@xxxxxxx> wrote:
> >On 1 Feb, I wrote:
> >> On further deliberation, I think we should just drop the whole
> >> restricted mode feature. The documentation has carried a warning that
> >> "the feature may be removed in future" for the past six years.
> >
> >Nobody argued for a reprieve so a patch to get rid of it follows.
> >
> >This does leave the option in existence but it does nothing. That's
> >just for backwards compatibility with old set -o or setopt commands.
>
>   Having the option do nothing sounds like a bad idea to me. If someone
>   is maintaining a system that tries to use restricted mode for security
>   updates their version without reading about this, they'll lose the
>   security that the option had provided.
>
>   I think a better approach would be to have the shell exit with an error
>   if someone tries to use restricted mode.

References:
- Security issue in Zsh restricted mode (zsh -r) – escape via history built‑ins
  - From: cyber security
- Re: Security issue in Zsh restricted mode (zsh -r) – escape via history built‑ins
  - From: Oliver Kiddle
- Re: Security issue in Zsh restricted mode (zsh -r) – escape via history built‑ins
  - From: Mikael Magnusson
- Re: Security issue in Zsh restricted mode (zsh -r) – escape via history built‑ins
  - From: Oliver Kiddle
- Re: Security issue in Zsh restricted mode (zsh -r) – escape via history built‑ins
  - From: Oliver Kiddle
- Re: Security issue in Zsh restricted mode (zsh -r) – escape via history built‑ins
  - From: Aaron Schrab

Messages sorted by: Reverse Date, Date, Thread, Author