On Thu, 25 Sep 2014, Udo Grabowski (IMK) wrote:
Recent discussions seem to lead to a general security concern with the crippled bash parser, so there nearly certainly will be more and more security issues in the next days to come up. I think the better alternative is to provide 'dash' and symlink bash to dash instead, as dash much cleaner, faster, and POSIX - compliant. Although, as it has not been widely used as bash yet, could have its own bugs not yet discovered....
Unfortunately, 'dash' is not completely compatible with scripts written for 'bash'. It is not clear to my why people write shell scripts targeting bash, but it seems to happen often.
Bob -- Bob Friesenhahn [email protected], http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer, http://www.GraphicsMagick.org/ _______________________________________________ openindiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
