[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

bash without importing shell functions from the environment

Package: bash
Version: 4.1-3

I have prepared bash packages which do not honour any shell functions
they find in the environment.  IMO that is a crazy feature, which
ought to be disabled.  (I'm running this on chiark now and nothing has
visibly broken yet.)

Packages (i386) for squeeze, wheezy and sid are here:
  http://www.chiark.greenend.org.uk/~ian/bash-noshellfunctions/

dgit format git branches are here:
  git://git.chiark.greenend.org.uk/~ianmdlvl/bash.git
  http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git/bash.git/

A codesearch [1] shows that this change will break very few things.
Arguably we (Debian) should apply this in sid (hence this bug report).
Doing it in security updates to stable releases is sadly too risky.
But people who want to take that risk themselves are welcome to
install my packages.

(It took me merely a few moments with the source code to prepare the
code patch.  But then I had to spend an hour or two wrestling with the
patch systems of the packages in squeeze and wheezy.  I would like to
take this opportunity to say how much I appreciate the work of the
security team, who have to cope on a daily basis with [CoC violation]
such as that found in the squeeze and wheezy bash Debian `source'
packages.)

Ian.

[1] http://codesearch.debian.net/search?q=export\+-f
Reply to: