Hacker News new | ask | show | jobs
by Glan1984 4279 days ago
How about installing zsh and making that the default shell? Is that enough?
1 comments
dylukes 4279 days ago
zsh is also vulnerable. (it's a bash derivative)
link
brians 4278 days ago
Can you show example code exploiting zsh? I haven't seen such, nor found such:

  » V='() { :; }; echo busted' zsh -c "echo hi"
  hi
But:

  » V='() { :; }; echo busted' bash -c "echo hi"
  busted
  hi
link
Glan1984 4278 days ago
https://security.stackexchange.com/questions/68146/how-do-i-...
link
bodyfour 4278 days ago
That's incorrect; it does not appear to have the "export function" feature that this bug relies on.
link