Howdie, In light of the recent bash vulnerability, perhaps it would make sense to evaluate whether /sbin/dhclient-script really requires bash or if it can perhaps be made POSIX compatible instead?
$ head -n1 /sbin/dhclient-script #!/bin/bash My own opinion is that as long as bash supports function definitions in environment variables, it is not sane for use in security-sensitive contexts. That Debian/Ubuntu use dash as /bin/sh makes them quite a bit better off than some other distros, but we should probably be looking to evaluate where bash is invoked via shebang lines and take action to limit exposure that way. Thanks, Forest -- Forest Bond http://www.forestbond.com/ http://www.rapidrollout.com/
signature.asc
Description: Digital signature
-- ubuntu-devel mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
