[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: more ash/dash/bash questions



Otavio Exel wrote:
Hello List,

I've been writing shell scripts to be run as root lately;
I'm not aware of any security-risk involving bash but I'd much more
rather run those scripts with ash or dash instead of bash;

What sort of security risks do you have in mind other than human error? Particularly when the script is running as root.


some years ago I remember reading here that pointing /bin/sh to dash or
ash would break a lot of important scripts in Debian;

so, instead of pointing /bin/sh to ash or dash, I'm starting my scripts
with ``#!/bin/ash''; I know that if I accidentaly remove ash my scripts
will break but I decided to run the risk!

but, in order to mimimize the risk, which interpreter should I use in my
scripts, ``#!/bin/ash'' or ``#!/bin/dash'' ?

It depends on where the scripts are intended to be run. If you want them to run only on your machine, you are free to choose any interpretor you want, otherwise you can try making a deb package of your script and have it depend on the interpretor of your choice.

--
Raj Kiran Grandhi
--
Politics is for the moment. An equation is for eternity.
                                       -- Albert Einstein


Reply to: