bug-bash
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bash security issue

From: Chet Ramey
Subject: Re: Bash security issue
Date: Sat, 27 Sep 2014 18:21:30 -0400
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 
On 9/26/14, 10:51 AM, Steve Simmons wrote:
> 
> On Sep 26, 2014, at 10:36 AM, Eric Blake <eblake@redhat.com> wrote:
> 
>> . . . I _also_ agree that since function exports are NOT required by POSIX,
>> that it would be okay if we let /bin/bash continue to import functions
>> by default, but have bash invoked as /bin/sh refuse to do imports by
>> default. . .
> 
> The more I see of how many bash-isms work when bash is invoked as /bin/sh, 
> the more convinced I get that we need to either
> 
> 1) make bash when invoked as /bin/sh fail those bash-isms

It's come up before, and it's not something that bash has ever been
intended to do.  When invoked as /bin/sh, bash will behave as a posix
superset.  Posix allows this.

> 2) build a 'real' /bin/sh without those compiled in. This begs the definition 
> of 'real', but IMHO if it's not in POSIX, it shouldn't be in 'real' /bin/sh

This is dash's niche.

Chet

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    chet@case.edu    http://cnswww.cns.cwru.edu/~chet/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]