I've been searching for some clarification on these two "fixes" and I'm utterly confused. I've been lead to believe RedHat's first patch (6271) is based on code from Chet that just causes bash to reject functions where code appears outside of the function body.
However, this patch was labeled as "insufficient" and 7169 now appears to completely remove the ability to receive function definitions from the environment. I have production code that requires function exporting that's going to be broken by 7169. Is this some knee-jerk reaction by just RedHat or is this a revised patch from Chet marking a change in bash functionality? My company's cybersecurity folks are pushing to install 7169 as soon as possible and while I'm trying to push back I need to know if this a strategic change in direction for bash, RHEL, or what, exactly. (Because I need to know how extensively I need to reachitect my application). -Alan -- a...@madllama.net http://humbleville.blogspot.com
