Bash 4 Compatibility
Your article on the new Bash version 4.0 (August 2009, pg. 62) refers to the topic of compatibility right at the start, pointing to eight changes introduced for the sake of POSIX compatibility. Chet Ramey also seems to have been referring to this in your interview, when he said that the new version was as downwardly compatible as possible, but version 3.2's behavior was just incorrect in some places.
In version 4.0 of the shell, the $@ and $* parameter lists are fairly inconsistent "semi-variables" (bash -uc 'echo $@' "$@:unbound variable"; but: @=1 @=1: command not found), although this is not mentioned in the COMPAT file.
These changes mark a departure of the new shell from the POSIX standard, which clearly states: "If there are no positional parameters, the expansion of '@' shall generate zero fields [...]."
Bash 4 simply treats $@ and $* as "undefined" if no parameters have been passed in. This problem primarily occurs when the nounset option (-u) is used to protect against the use of undefined variables and thus make scripts more secure and robust. In this light, the problem might only affect a couple of programmers, as most people still unfortunately work without nounset. (-u is not even mentioned in the Bash manpage.) However, it is quite conceivable that this new behavior could cause other problems that are still waiting to be discovered.
In my opinion, these changes are a careless step backwards and do not indicate the kind of diligence in release management you would expect from a critical package like Bash. This is the reason why I declared the changes to be a grave bug on the following Debian bug report site: http://bugs.debian.org/519165
Martin F Krafft
Bernard Bablok, the author of the Bash 4 article, writes:
I am not familiar with the particular issue described in this letter, but I will assume that Martin Krafft is right. Even so, I cannot share his assessment of Bash 4 as a "careless step backwards." In a complex program such as Bash, it can happen that a compatibility issue or an unwanted problem creeps in. There are bug lists and mailing lists in order to clarify or change such things.
Thanks for your letter. We'll hope the bug report you filed with Debian will draw some attention to this issue.
ECIS and EC
Contrary to an article in your magazine (see "Microsoft's Anticompetitive Behavior" July 2009, pg. 10), ECIS is not part of the European Commission.
They are a lobby group.
Could you please print a correction and amend the online version?
Jonathan Todd European Commission Spokesman on Competition
Kernel king admits his tone has alienated volunteers, but says the demands of the process require directness.
New flaw in an old encryption scheme leaves the experts scrambling to disable SSL 3
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.