[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bash security issue

From: Linda Walsh
Subject: Re: Bash security issue
Date: Fri, 26 Sep 2014 13:22:11 -0700
User-agent: Thunderbird

Eric Blake wrote:

They are not portable to broken bash.  But the argument in these threads
is that bash's implementation of function exports should be changed so
that _fixed_ bash will once again be POSIX compliant and let this
bog-standard assignment work regardless of contents.  If Chet accepts
Florian's patch [1] to change function exports to use BASH_FUNC_foo()=
instead of foo= (which is what Red Hat is already using in their fixes
pushed today), then this POSIX compliance bug in broken bash will be

[1] http://www.openwall.com/lists/oss-security/2014/09/25/13

IS this added only in memory? I.e. no changes to source code?

What prevents BASH_FUNC_foo = '(){ :; ...';

Why is there a need for a long prefix on top of switching
the ()/= order?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]