Dash as default shell

Rahul Sundaram metherid at gmail.com
Thu Oct 2 08:25:49 UTC 2014


On Thu, Oct 2, 2014 at 4:04 AM, Richard W.M. Jones  wrote:

> On Wed, Oct 01, 2014 at 10:39:04PM -0400, Rahul Sundaram wrote:
> For Ubuntu the stated reason to follow Debian was pretty bogus[1] --

Ubuntu didn't follow Debian here.  It was the other way around.

> It doesn't even avoid Debian & Ubuntu having a security problem, since
> they still need to fix bash.

Sure.  Unless they stop shipping bash, they got to fix security problems.
That is no surprise.  The real question is whether it reduced the impact of
the issue for their users.

> What makes you think the dash doesn't have vulnerabilities too?

Do note that I explicitly avoided making any such specific claims and
instead proposed it as a discussion point for a good reason.    Having said
that, the general understanding appears to be that a minimal software with
a smaller footprint has less potential issues.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20141002/2700f9d8/attachment.html>

More information about the devel mailing list