[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Questions regarding bash and sh.



Sthu Deus wrote:
Good day.

I have noticed that for some users in /etc/passwd the shell environment
is set as bash and for some as sh. This has led me to the following
questions:

. Why is it so, meaning what is the meaning of it?

. Do I give more insecure environment to a user setting for him sh
instead of bash?

. Why I see that it works different regarding the set environment
(for some sh, for others bash), for, say, autorun scripts such
as .profile, bash_profile, if sh links to bash?

Thank You for Your time.


Damn, I did it again, sending it to one person rather than everyone! I
really need to get used to this mailing list lark.


My message was:

   Sthu Deus wrote:
    Good day.

    I have noticed that for some users in /etc/passwd the shell
    environment
    is set as bash and for some as sh. This has led me to the following
    questions:

    . Why is it so, meaning what is the meaning of it?

    . Do I give more insecure environment to a user setting for him sh
    instead of bash?

    . Why I see that it works different regarding the set environment
    (for some sh, for others bash), for, say, autorun scripts such
    as .profile, bash_profile, if sh links to bash?

    Thank You for Your time.


   On most modern systems, sh is pretty much the same as bash (although
   yours may have sh linked to dash, I'll come back to that later), but
   in a "compatible mode" (AFAIK just with things like the prompt
   changed so it looks more like sh, and it reads different startup
   scripts, and a few of the POSIX-breaking features are disabled). Sh
   is basically a general executable that is linked to the
   bourne-compatible shell of your choice (usually bash, but again,
   sometimes dash). Bash (Bourne Again SHell) is the actual executable
   sh links to on most systems, and has probably the most features of
   all the bourne shells.

   Dash (Debian Almquist SHell) can sometimes be set instead of bash:
   this is much faster, but has fewer features. Some poorly-designed
   shell scripts will fail with systems with sh linked to dash.

   Other systems (mainly embedded systems) have sh linked to busybox -
   this has even fewer features, but is used because it has every major
   tool in one executable.


   Bash in sh mode is no less secure than bash in bash mode. If yours
   is linked to dash or busybox, those are likely to be more secure due
   to the fewer features. But there isn't really much of a difference,
   so don't worry.


   As for your last question, see above. Sh-compatible bash loads
   different startup scripts to bash bash.


   Hope this helped,

   Muzer

   --
   -----BEGIN GEEK CODE BLOCK-----
   Version: 3.1
   GCS/CM/IT d>++ s+:- a---- C+++ UL+++>++++ P+>+++ L+++>+++++
   E---->--- W+++ N o? K? w--- O+ M-- V- PS PE? Y-- PGP- t+ 5? X- R--
   tv+ b++ DI D G++ e- h! !r y ------END GEEK CODE BLOCK------



--
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/CM/IT d>++ s+:- a---- C+++ UL+++>++++ P+>+++ L+++>+++++ E---->--- W+++ N o? K? w--- O+ M-- V- PS PE? Y-- PGP- t+ 5? X- R-- tv+ b++ DI D G++ e- h! !r y
------END GEEK CODE BLOCK------



Reply to: