xochi Posted September 25, 2014

FileMaker Server uses Apache on OS X, and edits the configuration file ( /private/etc/apache2/httpd.conf ) and enables apache. This means that if one is running filemaker server, one is (usually) running apache.

The new 'shellshock' bug would seem to be a concern in this situation. I'm running a few OS X servers that have FM Server and Apache running. I've decided to stop apache this morning until I understand the risks.

Background on shellshock : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

Lee Smith Posted September 25, 2014

Is your FileMaker version 13 or 11? If 13, then please upgrade your Profile to show your current Version of FileMaker, OS and Platform.

Here is a quick link to your profile: MY PROFILE

xochi Posted September 25, 2014

Hi Lee - the profile doesn't let one choose multiple versions. I'm running FMS 11 and FMS 13 on different machines. I believe the vulnerability applies to any version of FMS which uses apache on Mac OS X, which I believe would cover 9, 10, 11, 12, and 13...

Lee Smith Posted September 25, 2014

> the profile doesn't let one choose multiple versions.

Your Profile should just reflect your current version! Just provide the other information so we know that you are thinking this is a broader problem other than 13. When you post it in the 13 topics, I have no way of knowing whether or not you just posted in the first topic, or if the question is about 13. We automatically assume that the Profile is correct along with the other info.

Also, why did you pick the General Topic over one of the Server Topics?

I'm on my way out to meet with a client, I will pick this up later today.

Edited September 26, 2014 by Lee Smith: Rewrote the Reply.

cbum Posted September 27, 2014

I would be very interested in this as well.

xochi Posted September 27, 2014

The right thing to do would be to turn off the server / apache functions until Apple releases an update. Many of us can't wait that long.

What I did:

* shut down the server and think about it
* found a bash fix which I trusted - recompiled it and installed it. For example : http://apple.stackexchange.com/questions/146849/how-do-i-recompile-bash-to-avoid-shellshock-the-remote-exploit-cve-2014-6271-an
* restarted servers

Dave Carmean Posted September 27, 2014

Thank you Xochi! I followed the instructions in your link (apple stackexchange) for our FileMaker 11 server on Mountain Lion (client, not server). No problems.

Update: I installed the bash fix Friday night but did not restart the server until Monday morning. The bash fix does not require restarting the system, but the system logs will include some errors as the signature of the new bash does not correspond to the record until after a restart. And I always need to restart the web server [sudo apachectl graceful] after restarting the system.

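
Added example, not part of any post in this thread: a local check that a replaced bash binary no longer imports function definitions from ordinary environment variables (CVE-2014-6271), run after the recompile-and-install step described above. The function names, the `probe` variable and the marker strings are made up for this example; it checks both /bin/bash and /bin/sh because on OS X both are bash builds.

```shell
#!/bin/sh
# Added example (not from the thread): local self-check for CVE-2014-6271.

# check_bash PATH -> prints "missing", "vulnerable", "ok" or "unknown"
check_bash() {
    shell="$1"
    [ -x "$shell" ] || { echo "missing"; return 0; }
    # A vulnerable bash executes the text that follows the function body
    # while importing the variable. A fixed bash (or a non-bash shell)
    # ignores it and runs only the -c command.
    out=$(env probe='() { :;}; echo IMPORTED' "$shell" -c 'echo MARKER' 2>/dev/null)
    case "$out" in
        *IMPORTED*) echo "vulnerable" ;;
        *MARKER*)   echo "ok" ;;
        *)          echo "unknown" ;;
    esac
}

# check_all PATH... -> one line per shell; returns 1 if any is vulnerable
check_all() {
    rc=0
    for s in "$@"; do
        r=$(check_bash "$s")
        printf '%s: %s\n' "$s" "$r"
        [ "$r" = "vulnerable" ] && rc=1
    done
    return $rc
}

# Check both shells; a stale copy of either leaves CGI scripts exposed.
check_all /bin/bash /bin/sh || echo "at least one shell is still vulnerable"
```

Run it before restarting Apache: an "ok" for both paths means the replaced binaries are the ones actually installed at those locations.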
cbum Posted September 30, 2014

Apple just released a patch for 10.7 - 10.9. I still need one for 10.6 ....

Richard Fincher Posted October 12, 2014

On some of my older Linux boxes, I had to recompile bash from source. This isn't going to be easy on a Mac, as you'd need a C compiler first (like the one which comes with Xcode). It is doable though.