How to create a ‘Shell Shock’ Bash Update installer for OS X 10.6

PackageIconXIn response to the Shell Shock bug found in the Bash command line interpreter included in OS X, Apple issued several updates to tackle the issue. However, these updates are for supported versions of OS X only, meaning those who are using OS X 10.6 Snow Leopard or earlier will not receive an update.

If you are one of these people who is still using Snow Leopard, then there are a couple of approaches you can take to fix Bash on your system. First, you can download, patch, and compile your own version of Bash according to the instructions outlined here. This is my recommended approach, but it will need to be done on each system you have, and also may be daunting for some users who do not wish to install XCode and run numerous Terminal commands.

The second approach is to simply modify Apple’s Bash Updater so it will run on OS X 10.6 or earlier. To do this, you need to edit a small script in the installer package, which can be done with the following steps (only two Terminal commands are used):

  1. Download the recent Bash Update for OS X Lion
  2. Mount the .dmg file, and copy the .pkg file within it to your desktop
  3. Open the Terminal and run the following command (simply copy and paste it): 
    pkgutil --expand ~/Desktop/BashUpdateLion.pkg ~/Desktop/modified
  4. Open the new folder called “modified” on your desktop, and then use TextEdit to open the file called Distribution (right-click it and choose Other from the Open With menu, and then select TextEdit from your Applications folder).
  5. Locate the functions called “InstallationCheck(prefix)” and “VolumeCheck(prefix)” in the file (they are the only items that begin with the word “function”) and edit them by replacing all the contents of the functions between the first and last braces with “return true;” so they look like the following: 
    function InstallationCheck(prefix) {
     return true;
}
function VolumeCheck(prefix) {
     return true;
}

    When done, the entire file’s contents should look like the following. Note that if you are not sure where to edit, then simply copy the following text and replace the entire contents of the Distribution file with it (I have highlighted the modified functions in red text):

    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
<installer-gui-script minSpecVersion="1">
<options hostArchitectures="i386" customize="never"/>
<title>SU_TITLE</title>
<script>
</script>
<volume-check script="VolumeCheck()"/>
<installation-check script="InstallationCheck()"/>
<script>
function InstallationCheck(prefix) {
     return true;
}
function VolumeCheck(prefix) {
     return true;
}
</script>
<license file="License.rtf"/>
<readme file="SUDescription.html"/>
<choices-outline>
<line choice="manual"/>
</choices-outline>
<choice id="manual" title="SU_TITLE">
      <pkg-ref id="BashUpdateLion" auth="Root">#BashUpdateLion.pkg</pkg-ref>
</choice>
<pkg-ref id='BashUpdateLion' installKBytes='3906' version='1.0.1.1306847324'/>
<pkg-ref id='BashUpdateLion' installKBytes='3906' version='1.0.1.1306847324'/>
</installer-gui-script>
  6. Press Command-S to save the file, and then quit TextEdit.
  7. Return to the Terminal and run the following command (copy and paste the entire line into the Terminal): 
    pkgutil --flatten ~/Desktop/modified ~/Desktop/BashUpdateModified.pkg

When you have completed this last step, you will see a new .pkg file located on your desktop called “BashUpdateModified.pkg,” and you can now open it on your OS X 10.6 system and have it install the patched version of Bash that Apple included in this updater. You can then copy this installer to another Snow Leopard system and run it there, if needed.

Keep in mind that even though this Bash version should work just fine for practically all uses, it was neither built nor tested specifically on versions of OS X prior to Lion, so there is a possibility that some functions may not work properly. This is just a precaution to be aware of, since most if not all built-in OS X functions should work just fine with this version of Bash.

As always, before doing any modification to your system, be sure you make a full backup of your Mac using Time Machine or a system cloning tool, and then ensure all services, programs, and other features of your Mac are running as expected (most should be just fine).

Thanks to MacIssues reader James Trim for writing in with instructions about this approach.

19 thoughts on “How to create a ‘Shell Shock’ Bash Update installer for OS X 10.6

  1. hacksagogo

    A despicable, shameless copy of my (yesterday) blog post. Yes, the link I posted in the comments in your site that you deleted. Dude, you should learn to give credit where credit is due. Google for hacksagogo bash installer to see the original not this shameless copy of the idea.

    1. Argaijo

      I can confirm that hacksagogo posted the solution before than this site. Ir would be fair that the author of this post indicate the source of his inspiration.

    2. Topher Kessler Post author

      First, I do not delete any post unless it is inflammatory. This site has automatic filters that either prevent posts that contain inappropriate content, or scans and removes them or content from them based on a number of criteria (for instance, curse words) will be masked, edited, or deleted.

      Second, I received word of this modification yesterday morning from reader James Trim, who I do credit with mentioning it to me.

      1. hacksagogo

        Deleted, yes. And not once but twice. One comment is still there but the link has been rmvd. Antoher was rmvd entirely. Automatic filters? Yeah, let me LOL.

          1. hacksagogo

            Copied me without changing a period or a comma:

            function InstallationCheck(prefix) {
            return true;
            }
            function VolumeCheck(prefix) {
            return true;
            }

            Shameful…

          2. Jim Trim

            Mr. Hacksagogo….why did you delete the comment I posted on your blog? You set it to await moderation, and then simply deleted it instead of allowing proper discussion about how your “hack” is in fact just a reiteration of general knowledge stemming from MacWorld and other places.

            As for the functions, yes you return true for a function by replacing the function’s contents with “return true,” followed by a semicolon. This is called javascript syntax, and you cannot claim it as yours. As for the function’s names and arguments, those are the ones Apple implemented, so if you insist they belong to you then you are simply ripping off Apple.

            …give it a rest.

    3. Jim Trim

      Wow…shameless? For the record, I have been in discussion with Topher about this as a possibility (based on a hint from MacWorld), in an ongoing conversation since Apple’s updates were made available several days ago. Hacksagogo seems to be the one ripping people off here, but honestly, this is general knowledge, and in addition, this uses a different approach to the modification, so kudos to Topher for posting it in a clear and easy-to-understand way.

    4. Lawrence

      I think I will take Topher’s explanation over some anonymous poster with a self aggrandizing name.

  2. Jon

    Pot, meet kettle.

    If Topher used “hacksagogo” as a source, of course he should have acknowledged that, but “hacksagogo” didn’t acknowledge _his_or_her_ source, either!

    These hacks for installers have been around for a long time — see the _nine_year_old_ post at http://hints.macworld.com/article.php?story=20051020225050145&mode=print or the 2012 post at https://discussions.apple.com/thread/4134952?tstart=0, for example.

    Also, although “hacksagogo” may have posted the “hack” first, Topher’s post is much more complete and easier to follow.

    As is typical of Topher’s posts, it is very explicit about what a user needs to do. Topher’s post also describes how to modify the installer without downloading and installing “PackageMaker” (which is required for hacksagogo’s instructions to work, but his original instructions neglected to mention how to download PackageMaker). Topher’s post also links to the MacIssues.com article about rolling your own version of bash, which is what he recommends.

    Another, third way to protect against Shell Shock is being distributed by one of the TenFourFox developers, see http://tenfourfox.blogspot.com/2014/09/bashing-bash-one-more-time-updated.html.

  4. B. Jefferson Le Blanc

    Thank you Tim and Topher for this hint. I followed your instructions to create the Snow Leopard version of the Bash update. I’ll test it on a non-critical version of Snow Leopard to see what effects, if any, it will have on the system.

  5. baltwo

    No need to make your own. From MacInTouch, Matthew Schmeer reports that “Over at the MacRumors PowerPC sub-forum, a member by the name of Intell (who has a track of record of trustworthiness among PowerPC enthusiasts on those boards) has compiled an installer [Bash Patch.zip] for the patched version of bash from the TenFourFox blog.” Get it at:

    http://forums.macrumors.com/attachment.php?attachmentid=499784&d=1412217997” target=”_blank

  6. Arthur Visser

    Eh…
    How about OS X 10.5.8? I have still two old XServes running with the original OS X 10.5.8 Server, awaiting new Mac Mini’s.

    1. Simon Andersen

      Have look here for a maybe all together better solution:

      https://appleit.utah.edu/wiki/pages/o3N636k9/Bash__OS_X_GNU_Bash_Installer_for_OS_X_105__OS_X_1010.html

Comments are closed.