Hacker News new | past | comments | ask | show | jobs | submit login

Out of curiosty: did it cause any problems with intended use of this shell feature? Did anyone complained that it broke something that worked before?



We have not seen any complaints about this.


I assume Cloudflare are filtering HTTP headers. I cannot imagine a valid reason to pass in functions to bash in headers.


And functions with malicious shell script appended at that! ;)


There is no intended use, it's a pure evil bug in bash. I wouldn't be surprised if it was discovered that it has been implanted intentionnally.


How can a bug be evil? Don't attach morals to things which should be amoral.


Its a joke, eval(uate) is evil...




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: