Well, as much as the shell is a separate class of execution environment, it seems the trouble is mostly with strict AppArmor profile writing. Metacharacter vulnerabilities would allow the execution of other tools that do allow networking (nc, perl, python, awk). The only kind of attack that would be exclusively solved would be when "$(`" are filtered, but not "<>". This seems like too small an attack surface to justifying a delta from Debian, much less a delta from every other distribution.
** Changed in: bash (Ubuntu Karmic) Status: Confirmed => Won't Fix ** Changed in: bash (Ubuntu Maverick) Status: Confirmed => Won't Fix ** Changed in: bash (Ubuntu Lucid) Status: Confirmed => Won't Fix ** Changed in: bash (Ubuntu Natty) Status: In Progress => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/712662 Title: network redirection has been enabled -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs