From mboxrd@z Thu Jan  1 00:00:00 1970
From: khm@sciops.net (Kurt H Maier)
Date: Wed, 18 Nov 2015 00:15:09 -0500
Subject: [TUHS] Interesting post by Rob Pike in 1985: Shells,
 features and interaction
In-Reply-To: <7694.1447811788@cesium.clock.org>
References: <877flgw816.fsf@fastmail.com>
 <7694.1447811788@cesium.clock.org>
Message-ID: <20151118051509.GB27122@wopr.sciops.net>

On Tue, Nov 17, 2015 at 05:56:28PM -0800, Erik E. Fair wrote:
>
> The cause was idiot programmers who wrote CGI scripts for bash
> without proper data sanitization.
>

No, the cause was "idiot programmers" who did not stop processing the
function definition when the function ended.  Bash was not conformant
to its own syntax specification.   Then they had to fix the same bug for
here documents.  While fixing that, someone discovered stack smash among
other bugs in the parser.

Data santitization is important, but that doesn't mean bash doesn't
suck.  The fix wasn't "stop exporting functions into the environemnt,"
the fix was to patch bash.  Several times.

khm