[GTALUG] MP BIOS Toshiba - semi revival
Christopher Browne
cbbrowne at gmail.com
Tue Mar 17 15:05:29 UTC 2015
On 17 March 2015 at 10:16, Russell Reiter <rreiter91 at gmail.com> wrote:
> I'm not sure that performance and security aren't interchangable concepts.
> While the implimentation of dash did improve performance it did also
> mitigate the effects of the Shellshock vulnaribiliy discovered last year.
Well, if you examine the package information about Dash, the description
is reasonably specific...
https://packages.debian.org/sid/shells/dash
"The Debian Almquist Shell (dash) is a POSIX-compliant shell derived from ash.
Since it executes scripts faster than bash, and has fewer library
dependencies (making it more robust against software or hardware
failures), it is used as the default system shell on Debian systems."
I agree that performance is somewhat related to security; a denial of
service can result from poor performance. But the above seems to be
descriptive of why Dash was chosen as the default shell in Debian
post-Squeeze.
Fewer library dependencies is an interesting additional property.
That is presumably "more secure" as well, but I think they were after
"more reliable" which, while not unrelated, is a distinctly separate
measure.
--
When confronted by a difficult problem, solve it by reducing it to the
question, "How would the Lone Ranger handle this?"
More information about the talk
mailing list