On Tue, May 06, 2008 at 09:29:44PM -0300, Otavio Exel wrote: > Hello List, > > I've been writing shell scripts to be run as root lately; > I'm not aware of any security-risk involving bash but I'd much more > rather run those scripts with ash or dash instead of bash;
Obviously ash or dash have to be installed. > some years ago I remember reading here that pointing /bin/sh to dash or > ash would break a lot of important scripts in Debian; Umm, well, if /bin/sh points to dash/ash and you write a script with bashisms then you have to have #!/bin/bash as the interpreter line. The reason there was talk about it, is that traditionally /bin/sh pointed to /bin/bash and so it wouldn't matter if you used bashisms or not. Now, /bin/sh is going to point to dash for reasons of bootup speed and I suppose also (eventually) to not force the installation of bash, as it is a bit of a resource hog, although this last part is just a guess. > so, instead of pointing /bin/sh to ash or dash, I'm starting my scripts > with ``#!/bin/ash''; I know that if I accidentaly remove ash my scripts > will break but I decided to run the risk! Umm, point /bin/sh to dash and file bugs against packages that break. You will be contributing to Debian by doing this. > but, in order to mimimize the risk, which interpreter should I use in my > scripts, ``#!/bin/ash'' or ``#!/bin/dash'' ? See previous points. -- Chris. ====== "One, with God, is always a majority, but many a martyr has been burned at the stake while the votes were being counted." -- Thomas B. Reed -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
