On Tue, Sep 05, 2023 at 05:09:52PM +0200, Andreas Kähäri wrote: > On Tue, Sep 05, 2023 at 04:04:50PM +0200, alex xmb ratchev wrote: > > On Mon, Sep 4, 2023, 15:19 Kerin Millar <k...@plushkava.net> wrote: > > > Curiously, ARRAY_EXPORT can be defined in config-top.h. It's probably safe > > > to say that nobody uses it (nor should anybody wish to upon realising how > > > it works). > > > > does it make too big copies or wha .. > > On Unix systems, environment variables are plain key-value pairs of > strings. An array in bash is not a key-value pair of strings, but > a list of strings (and corresponding indexes). The ARRAY_EXPORT > configuration option (which I believe isn't settable from the > "configure" script, and which I've never tried enabling) presumably > makes arrays exportable somehow (probably only to other bash shell > instances, similar to how "exportable functions" work).
For the record, here's the snippet from config-top.h: /* Define to 1 if you want to be able to export indexed arrays to processes using the foo=([0]=one [1]=two) and so on */ /* #define ARRAY_EXPORT 1 */ I've never tried it, so I don't know how it plays out in practice. It does make me think of bash's exportable functions, and the shellshock vulnerability which was spotlighted a while back, but I don't have any idea whether this would introduce any security vulnerabilities. I wonder what specific issues Kerin is thinking about.
