[Fedora] Heads up: possible BASH security vulnerability
Chris Adams
linux at cmadams.net
Thu Sep 25 12:54:40 UTC 2014
Once upon a time, Walter Cazzola <cazzola at di.unimi.it> said:
> I was wondering if it could be a good workaround to link /bin/sh to tcsh
> instead of bash. I'm not using bash at all but probably something in the
> system is so do you know some contraindication on a system with apache
> and SVN servers?
/bin/sh must be a POSIX compatible shell, because many scripts use it.
tcsh is not a POSIX compatible shell (it implements the C shell
scripting language instead), so you cannot change /bin/sh to tcsh.
You could install dash and symlink it to /bin/sh, because it is a POSIX
compatible shell. Debian (and its derived distros) have used dash as
/bin/sh for a while now.
--
Chris Adams <linux at cmadams.net>
More information about the users
mailing list