[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I've found a vulnerability in bash

From: Robert Elz
Subject: Re: I've found a vulnerability in bash
Date: Sat, 20 Nov 2021 06:50:26 +0700

    Date:        Fri, 19 Nov 2021 13:40:16 -0600
    From:        Eric Blake <eblake@redhat.com>
    Message-ID:  <20211119194016.5xn6gydfbtwmv44u@redhat.com>

  | According to POSIX, perl should REALLY be passing a "--" argument
  | between "-c" and the scalar string given by the user; see
  | https://www.austingroupbugs.net/view.php?id=1440

posix says nothing at all about perl

Further, even for the libc system() function, that change is still
only in a draft, as you know, and while I don't expect there will
be any issues with that particular change when the whole thing comes
up for ratification, that's probably still the best part of a year
away.   Criticising anyone for not following an unpublished
standard is hardly fair, even if it did apply.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]