shyouhei / ruby-lang.org wrote:
> This patch does not add a new feature, nor delete anything.  It just
> changes the default behaviour when ruby spawns subprocesses.
> 
>     Process.spawn('/usr/bin/printenv') # -> prints nothing

The potential for breakage is way too high.  Losing some envs (e.g.
PATH, TMPDIR, SHELL or HOME) can be disastrous and introduce new
security problems.

Right now, everybody knows about shellshock and patching bash.
This is an over-reaction which causes needless breakage.

(Especially since your example never even spawns a shell)