[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bash security issue
From: |
Shawn H Corey |
Subject: |
Re: Bash security issue |
Date: |
Thu, 25 Sep 2014 11:45:06 -0400 |
On Thu, 25 Sep 2014 08:55:45 -0600
Eric Blake <address@hidden> wrote:
> On 09/25/2014 07:51 AM, Bob Friesenhahn wrote:
> > It may be that some users of 'autoconf' will be at risk due to the
> > dire bash security bug described at
> > "http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/".
> >
> > Take care that the environment is carefully vetted.
>
> There's nothing that ./configure can do to avoid the buggy bash, but
> it may indeed be worth patching autoconf to generate configure
> scripts that issue a loud warning if the buggy shell is detected on
> the user's system. I'll look into doing that.
>
You may be premature. I think the patch will be out before Monday. If
so, your effort will be wasted. :)
--
Don't stop where the ink does.
Shawn
- Bash security issue, Bob Friesenhahn, 2014/09/25
- Re: Bash security issue, Eric Blake, 2014/09/25
- Re: Bash security issue, Eric Blake, 2014/09/25
- Re: Bash security issue,
Shawn H Corey <=
- Re: Bash security issue, Ralf Corsepius, 2014/09/29
- Re: Bash security issue, Eric Blake, 2014/09/29
- Re: Bash security issue, Ralf Corsepius, 2014/09/29
- Re: Bash security issue, Paul Eggert, 2014/09/29
- Re: Bash security issue, Henrique de Moraes Holschuh, 2014/09/29
- Re: Bash security issue, Eric Blake, 2014/09/29
- Re: Bash security issue, Nick Bowler, 2014/09/29