[Python-Dev] Critical bash vulnerability CVE-2014-6271 may affect Python on nx and OSX (original) (raw)

Antoine Pitrou solipsis at pitrou.net
Fri Sep 26 13:16:05 CEST 2014

• Previous message: [Python-Dev] Critical bash vulnerability CVE-2014-6271 may affect Python on *n*x and OSX
• Next message: [Python-Dev] Critical bash vulnerability CVE-2014-6271 may affect Python on *n*x and OSX
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 26 Sep 2014 01:10:53 -0700 Hasan Diwan <hasan.diwan at gmail.com> wrote:

Matěj,

On 26 September 2014 00:28, Matěj Cepl <mcepl at cepl.eu> wrote: > Where does your faith that other /bin/sh implementations (dash, > busybox, etc.) are less buggy comes from?

The fact that they are simpler, in terms of lines of code. It's no guarantee, but the less a given piece of code does, the less bugs it will have. -- H

And that they have less "features" (which is certainly correlated to their simplicity). IIUC, the misimplemented feature leading to this vulnerability is a bash-ism.

Regards

Antoine.

• Previous message: [Python-Dev] Critical bash vulnerability CVE-2014-6271 may affect Python on *n*x and OSX
• Next message: [Python-Dev] Critical bash vulnerability CVE-2014-6271 may affect Python on *n*x and OSX
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list