Sunday, 28 September 2014

Re: dhclient-script shell

On Sat, Sep 27, 2014 at 11:59:20AM -0400, Forest Bond wrote:
> In light of the recent bash vulnerability, perhaps it would make sense to
> evaluate whether /sbin/dhclient-script really requires bash or if it can perhaps
> be made POSIX compatible instead?
> $ head -n1 /sbin/dhclient-script
> #!/bin/bash

It seems largely OK in itself (there's a detail of arithmetic expansion
that has been problematic with some versions of bash, but that's all I
see from a quick scan). The problem is going to be that it sources hook
files from other packages and ones locally created by the user, and it's
not immediately clear how we can safely transition to POSIX shell
especially for the later.

Colin Watson []

ubuntu-devel mailing list
Modify settings or unsubscribe at: