[Python-Dev] Critical bash vulnerability CVE-2014-6271 may affect Python on *n*x and OSX

Cameron Simpson cs at zip.com.au
Fri Sep 26 04:55:47 CEST 2014

On 25Sep2014 21:30, Tres Seaver <tseaver at palladion.com> wrote:
>On 09/25/2014 08:59 PM, Cameron Simpson wrote:
>> Your cable/adsl modem? Probably an embedded Linux box, possibly using
>> bash, and certainly a dhcp client of the ISP. Better still, for many
>> people that same comprimisable modem is the DHCP _server_ for their
>> home LAN...
>Generally those devices are *not* using bash as '/bin/sh':  it is too
>heavyweigh.  Most will use 'busybox' or some other Swiss-army command for
>stuff which is separate commands on a "normal" linux system.

Fair point.

Cameron Simpson <cs at zip.com.au>

There is no reason anyone would want a computer in their home.
       --Ken Olson, president, chairman and founder of Digital
         Equipment Corp.,  1977

More information about the Python-Dev mailing list