Re: Bash security issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 09/27/2014 04:21 PM, Chet Ramey wrote:

>> 1) make bash when invoked as /bin/sh fail those bash-isms
> 
> It's come up before, and it's not something that bash has ever been
> intended to do.  When invoked as /bin/sh, bash will behave as a posix
> superset.  Posix allows this.

Even dash is a posix superset.  Although dash tries to be more
minimalistic at not adding new features without first getting those
features specified by posix, there are definite existing extensions in
the code base that the dash maintainer is unwilling to remove because of
the risk of breaking backward compatibility.

> 
>> 2) build a 'real' /bin/sh without those compiled in. This begs the definition of 'real', but IMHO if it's not in POSIX, it shouldn't be in 'real' /bin/sh
> 
> This is dash's niche.

If you want a truly minimalist shell that will loudly complain at
attempts to use extensions, use 'posh' instead of 'dash'.

But Chet's point remains - there's no need to dumb down bash to serve as
a minimalist shell, because that's a maintenance burden, and there are
already other projects that have decided to take on that role.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Autoconf mailing list
Autoconf@xxxxxxx
https://lists.gnu.org/mailman/listinfo/autoconf

[Index of Archives]     [GCC Help]     [Kernel Discussion]     [RPM Discussion]     [Red Hat Development]     [Yosemite News]     [Linux USB]     [Samba]

  Powered by Linux