[Linux-aus] What's the real story about Shellshock and Bash and vulnerabilities in Linux and OpenSource?

[Paul Gear]

On 27/09/14 12:31, Anthony Thyssen wrote:
> PS; I think it is stuipd that BASH actually initiallises external
> functions on startup.   If an external function is desirable then
> the bash script that imports it should declare it, and the function
> gets important only at that point.

There has certainly been discussion amongst some distro vendors about
disabling that functionality altogether.  Last I heard, the initial
diagnosis was that it would break too many things to do it straight
away, but it's definitely on the cards for the future.

Paul