On 26 Sep 2014 16:34, "Doug Newgard" email@example.com wrote: [...]
> Instead of theorizing that "many" will do this, give a real-world example
> of where this happens and would have reduced the attack surface of the bug in question.
One of the very few examples that sound reasonable is dhclient. Apparently, that can be readily used for this bug to be exploited. Sounds like more of a problem with dhclient, though.
I agree that there's a lot of FUD out there about this bug; once found (or perhaps: CVE assigned), the patches came quickly, so that actually looks quite good for bash!
Switching /bin/sh to dash has been discussed before and we can spend a lot of e-mails on that, but as usual it's up to devs to implement it as such, or not.
Just my €0,02