You may have heard about the "Shellshock" or "Bash" vulnerability that is affecting many UNIX-like operating systems. While all of Sitemason's servers run Linux, it is important to understand that one must have command-line (shell) access to the operating system in order to expose the vulnerability. There are two ways to get that: 1) be able to log into the server or 2) be able to execute a command on the server. However, it is important to know that:
- Sitemason does not give shell access to anyone outside of our company's systems personnel.
- PHP running on Sitemason's servers cannot execute system commands.
We will patch our operating systems appropriately, but simply by nature of keeping our servers' doors shut and locked, your Sitemason-based website will be unaffected by this vulnerability.