On Sat, Sep 14, 2024 at 19:46:21 +0800, ~ via Bug reports for the GNU Bourne
Again SHell wrote:
> Dear bug-bash team:
> I hope this email finds you well. During my recent security
> assessment of bash, I identified a potential security vulnerability that I
> believe may impact the security of
At 2024-09-13T15:24:15-0400, Chet Ramey wrote:
> It has no effects in its default state. If you don't change it, nothing
> happens. If you change it, you change `bell-style' instead.
>
> > The fact that its usage continues suggests documenting it as
> > deprecated would be beneficial.
>
> Maybe.
You seem to be implying that execstr contains a value that's under the
control of the input stream in a way that would allow malicious data on the
input stream to cause the shell to invoke arbitrary code.
I read the run_callback() function, and I don't see that as plausible,
unless you claiming th
