[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: bash exorcism experiment ('bug' 762923 & 763012)

On 02/10/14 17:30, shawn wilson wrote:
> I'm pretty sure dash never got a rewrite? So this just happened to be
> a "feature" that got ripped out of dash.

You seem to be under the impression that dash is some sort of fork or
derivative of bash. It isn't; I don't think they even have a common

POSIX sh is a specification for how Unix-like shells should behave,
based on the language interpreted by the 1977 Bourne shell (sh). Debian
Policy requires /bin/sh to be a POSIX sh with at least a couple of
specified additional features ("local" is one of those features), and
optionally, other features beyond those. The default implementation was
originally bash, and was changed to dash in recent releases.

dash is an implementation of POSIX sh, derived from the Almquist shell
(ash) taken from NetBSD. As far as I know, ash was an independent
implementation (i.e. rewrite) of a POSIX sh. It has a small number of
non-POSIX features, including those required by Debian Policy.

bash is GNU's implementation (i.e. another rewrite) of the Bourne shell,
hence its name "Bourne Again SHell". It has lots of non-POSIX features,
making it a considerably better interactive shell than dash, and more
capable for scripting. One of its non-POSIX features is the ability to
export functions, which is the feature being abused in this vulnerability.

> I'm not sure why it got ripped out

I don't think dash ever had this feature to begin with, so there was
nothing to rip out.


Reply to: