Clearing the Command Hash
Problem
You need to make sure that your command hash has not been subverted.
Solution
Use the hash -r
command
to clear entries from the command hash.
Discussion
On execution, bash “remembers” the location
of most commands found in the $PATH
to speed up subsequent invocations.
If an attacker can trick root or even another user into running a command, they will be able to gain access to data or privileges they shouldn’t have. One way to trick another user into running a malicious program is to poison the hash so that the wrong program may be run.
Get bash Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.