ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

Linux bash exploit discovered

<< < (5/7) > >>

ewemoa:
I'm not sure what the current status is, but FWIW at some point Ubuntu was using dash as its default system shell:

  https://wiki.ubuntu.com/DashAsBinSh

Tuxman:
indeed, it is still the default login shell
--- End quote ---

 :huh:

ewemoa:
According to Gentoo's wiki:

As some sh scripts may have bashisms in them, it is not guaranteed to work out-of-the-box on Gentoo as /bin/sh replacement.

--- End quote ---

via:  http://wiki.gentoo.org/wiki/Dash

May be if that's still the case, there will be more incentive to make some appropriate changes...

OTOH, there's this:

  https://bugs.gentoo.org/45735?id=45735

with the status RESOLVED CANTFIX

ewemoa:
I just checked a relatively recent version of Linux Mint (17 I think), and /bin/sh symlinked to dash, so my guess is that Ubuntu still uses dash as the system shell.

ewemoa:
Arch seems to have taken the position (at least at some point) of not switching:

We are using bash arrays and lots of other bash features, removing them now is simply impossible. bash it is, and will be.

--- End quote ---

via https://bugs.archlinux.org/task/19551

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version