On 6/18/20 12:08 PM, lists@xxxxxxx wrote:
> On Wed, Jun 17, 2020 at 11:17:08PM +0100, Piscium via arch-general wrote:
>> But switching to dash would also be about security, as less code means
>> less bugs [5].
>
> Usage of a more concise, powerful and clean shell language is much more
> suitable as a point when bringing forth an argument of there being less
> bugs.
>
> I'd say that the amount of bugs in the underlying implementation of a
> shell almost does matter nothing when compared to the horrors of
> hacked-together shell scripts that try to be as "basic" as possible,
> trying to be as "compatible" as possible with anything, exchanging
> cleanliness and expressiveness for horrible Debian init script-style
> code.
>
> Saving a pseudo-array into a string just to manually reconstruct the
> pseudo-list when the occasion arises to access a specific element is
> just one example of what awaits people who ignore the benefits of Bash
> arrays when they could have had them just by using a different shebang.

Why does this have anything to do with switching /bin/sh? Scripts which
do not "ignore the benefits of bash arrays when they could have had them
just by using a different shebang", would not be affected by such a
change as they do not, in fact, use a different shebang.

Meanwhile, scripts which use bashisms but a /bin/sh shebang are broken
even if /bin/sh is a symlink to bash. Bash disables some, but not all,
features of bash if it is invoked in POSIX mode, such as via a symlink
named /bin/sh -- so, you do not even get the benefits of bash, and never
have, if you used /bin/sh as your shebang.

> And nearly everybody who has to write this quickly will do it wrong.

And yet, some do not. Some write elegant, simple POSIX sh scripts which
do it right. For example, people often forget that pipelines and
functions are an option, and sometimes a much faster and better option
than global state variables.

And most people who are writing /bin/bash scripts are *also* doing it
wrong because they don't really know what they are doing. Just saying. :p

-- 
Eli Schwartz
Bug Wrangler and Trusted User
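
The contrast discussed in this message, as an added example that is not part of the original thread: a list packed into a string and rebuilt by word splitting, next to POSIX sh functions and a pipeline that keep each element intact. The function names and the sample file names are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample data: three file names, one of which contains a space.

# Fragile pattern: the list lives in one string and is rebuilt by word
# splitting, so "my notes.txt" falls apart into two elements.
count_packed() {
    packed="a.txt my notes.txt b.txt"
    n=0
    for item in $packed; do    # unquoted on purpose: this is the defect
        n=$((n + 1))
    done
    echo "$n"
}

# POSIX alternative: a function's positional parameters are a real list.
count_args() {
    echo "$#"
}

# nth INDEX ARG...: print the element at 1-based INDEX, fail if out of range.
nth() {
    idx=$1
    shift
    if [ "$idx" -lt 1 ] || [ "$idx" -gt "$#" ]; then
        return 1
    fi
    shift $((idx - 1))
    printf '%s\n' "$1"
}

# Pipeline alternative: stream one element per line to a consumer instead
# of keeping the list in a global variable.
longest() {
    printf '%s\n' "$@" | {
        best=
        while IFS= read -r line; do
            if [ "${#line}" -gt "${#best}" ]; then best=$line; fi
        done
        printf '%s\n' "$best"
    }
}

# Demo on the constructed sample.
echo "packed string yields $(count_packed) elements (3 were intended)"
echo "second element: $(nth 2 "a.txt" "my notes.txt" "b.txt")"
```

The line-per-element pipeline assumes no element contains a newline; the positional-parameter functions have no such restriction.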