Re: Mass "do not use bash" bug filing

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Cc: debian-devel@lists.debian.org
Subject: Re: Mass "do not use bash" bug filing
From: Klaus Ethgen <Klaus@Ethgen.de>
Date: Fri, 26 Sep 2014 11:36:10 +0100
Message-id: <[🔎] 20140926103606.GA23490@ikki.ethgen.ch>
Mail-followup-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 1411727317.1994.5.camel@jacala.jungle.funky-badger.org>
References: <[🔎] 1411727317.1994.5.camel@jacala.jungle.funky-badger.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

Am Fr den 26. Sep 2014 um 11:28 schrieb Adam D. Barratt:
> I noticed that you appear to be filing several RC bugs against packages
> which use /bin/bash shebangs in their scripts.

Only against that 3 tools that most likely are also used from network
systems like web tools or so.

> These bugs are *not* RC. The packages themselves do not have security
> issues. The interpreter they choose to use {may,does}, but that is not a
> bug in grep, xz-utils or gzip.

I have no problem if the severity gets lowered. Therefor I added a
paragraph that explains my decision.

> You should also know by now that mass bug filing without prior
> discussion is discouraged, regardless of the severity.

I don't think that 3 bugs are "mass bug filling". I manually checked
where such a bug report is needed.

> Finally, the rationale presented for the bugs - "against the debian
> policy to use /bin/sh if possible" - is bogus. Debian Policy makes no
> such requirement or even suggestion. It spells out what functionality
> scripts using /bin/sh may rely on, it in no way implies that other
> shells may not be used if appropriate shebangs and dependencies are in
> place.

Exactly that I wanted to say, that it is a recommendation to use
/bin/sh.

Regards
   Klaus
- -- 
Klaus Ethgen                              http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen <Klaus@Ethgen.de>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQGcBAEBCgAGBQJUJUGWAAoJEKZ8CrGAGfasxS0L/3oW1O8hE0c8XbBA8mSygIar
zf15OSDbpwM5hVqniP0dFRBD+CelDZeuR1MwulopGgeRjeVRQoTTnw4X98sd6wBX
ptczcC5OnHy5n6EPoRcOS+F1xfckSBD93ogbqma3qTwhISwJ8VbYZ6VBAzxEBmoU
4hxG8+NbhZ7D27RFiQDT7uBzyZcpckvwLa2ukxMYugj9aRF65cP77Y4NeMyDgC+B
9UdZhBDjG8FRhch9nhIHfeb9Qs5Nw/mPBFI6sBORyNXd2JQfCpo2R44jU5e1v+z6
8vN7REqR+14P2+ieVd362DUHDe+YrZRJogl1Ff8FfhHOr/S/BOYFOxTSrgDf5PTd
zHG2Gr728qAMvkHAfBgbjNsYZxYGhNukojBH+W8jbFoFd3Ii7nFoq4JbMQU7dnwU
NFoZca+SBJicaW8nhd8Oc34mBBtuzPq7w+jQWYUCyicKpjNsNEEHuHbpHBVu7SWi
rqoVLIPG2PzbN8CWhXQG9n5DGQR7GPUjnOsELeqroA==
=FQz7
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Mass "do not use bash" bug filing
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Re: Mass "do not use bash" bug filing
  - From: Jakub Wilk <jwilk@debian.org>
- Re: Mass "do not use bash" bug filing
  - From: Thorsten Glaser <tg@mirbsd.de>

References:
- Mass "do not use bash" bug filing
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Re: Seeking help with OpenVPN scripts and systemd
Next by Date: Re: upgrades must not change the installed init system [was: Re: Cinnamon environment now available in testing]
Previous by thread: Mass "do not use bash" bug filing
Next by thread: Re: Mass "do not use bash" bug filing
Index(es):
- Date
- Thread