Matthias Urlichs, le Thu 25 Sep 2014 21:17:58 +0200, a écrit : > Samuel Thibault: > > Sounds crazy to me. > > > Definitely. This is now out in the wild; exploits which simply replace > echo or cat-without-/bin are going to happen. :-/
That's not so easy to exploit. You have to manage to inject those precise variable names. Samuel -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
