Re: Dash as default shell

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

On Thu, Oct 2, 2014 at 8:49 AM, Chris Adams <linux@xxxxxxxxxxx> wrote:
> Once upon a time, Rahul Sundaram <metherid@xxxxxxxxx> said:
>> Is it worth considering using Dash as the default (non-interactive) shell
>> in Fedora?  Other distributions including Ubuntu and Debian (
>> https://lwn.net/Articles/343924/) have been using dash as the default shell
>> and Android uses mksh.  While this appears to have been done primary to
>> increase bootup efficiency (which is not relevant with systemd), it might
>> help with security

I know not of those various reasons why in Debian and friends, dash is
the shell that stuck. However, I think there would definitely not be
any promising/appreciable bootup boost on switching the default shells
on modern systems.

> To be proven better (and worthy of replacing bash as /bin/sh), dash
> would need at least as much scrutiny.  dash is roughly the same age as
> bash (both just over 25 years old), so "newer" or "older" isn't really a
> factor.

As for the matter of security, I agree with this view. Such
vulnerabilities on these long time stable shells may not be evident
superficially.

> Could this be handled through the alternatives system, so that
> admins could choose bash vs. dash vs. whatever?  In theory now, /bin/sh
> is not as critical to system startup with systemd (although I expect
> there are still scripts that called in various places).

I also thought about this sometime back that it would be nice on
server (or maybe even desktop) based systems to have dash and having a
provision to switch is worth exploring.

As for embedded systems/android, the choice of shells is not a major
matter as they use highly modified and optimized versions (including
shells) and the security vulnerability is usually not a prime concern
there. So we may keep the others out of the picture (unless Fedora ARM
is interested in this as well)

--
Suchakra
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux