[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Wheezy update of git?

Hi Raphael

I have investigated a similar issue in the past (CVE-2016-7543). That time it was the PS4 variable and the default shell an important factor. If I had dash as default shell it was possible to reproduce the issue. If I had bash as default shell it was possible.

As this is a prompt expansion and that tend to be handled differently in different shells I thought that maybe the default shell could be important in this case too.

This is why I suggested to check what shell was the default shell.

Yes it was speculation, but backed by the fact that I have stumbled on that kind of problem in the past.

Best regards

// Ola

On 21 March 2017 at 14:58, Raphael Hertzog <hertzog@debian.org> wrote:
On Tue, 21 Mar 2017, Ola Lundqvist wrote:
> What default shell was used?

No change on the default shell, so bash.

> The default shell have impacted this kind of things before.

Sometimes I wonder from where you get your ideas. This speculation
doesn't seem to be backed by anything.

Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/

 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola@inguza.com                    Folkebogatan 26            \
|  opal@debian.org                   654 68 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /

Reply to: