Path: csiph.com!aioe.org!news.glorb.com!usenet.stanford.edu!not-for-mail From: Chet Ramey Newsgroups: gnu.bash.bug Subject: Re: cannot declare local variables if they're readonly Date: Thu, 23 Jul 2015 09:05:14 -0400 Lines: 17 Approved: bug-bash@gnu.org Message-ID: References: Reply-To: chet.ramey@case.edu NNTP-Posting-Host: lists.gnu.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Trace: usenet.stanford.edu 1437656730 4311 208.118.235.17 (23 Jul 2015 13:05:30 GMT) X-Complaints-To: action@cs.stanford.edu Cc: chet.ramey@case.edu To: isabella parakiss , bug-bash Envelope-to: bug-bash@gnu.org User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 In-Reply-To: X-Junkmail-Status: score=10/50, host=mpv6.cwru.edu X-Junkmail-Whitelist: YES (by domain whitelist at mpv2.tis.cwru.edu) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.4.x-2.6.x [generic] X-Received-From: 129.22.105.37 X-BeenThere: bug-bash@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Bug reports for the GNU Bourne Again SHell List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Xref: aioe.org gnu.bash.bug:11256 On 7/22/15 7:12 PM, isabella parakiss wrote: > From variables.c > > The test against old_var's context > level is to disallow local copies of readonly global variables (since I > believe that this could be a security hole). > > Can you please explain how that can be a security hole? http://lists.gnu.org/archive/html/bug-bash/2011-02/msg00194.html http://lists.gnu.org/archive/html/bug-bash/2012-04/msg00099.html -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa, vita brevis'' - Hippocrates Chet Ramey, ITS, CWRU chet@case.edu http://cnswww.cns.cwru.edu/~chet/