[arch-general] dash as default shell?

Eli Schwartz eschwartz at archlinux.org
Thu Jun 18 16:22:49 UTC 2020 

On 6/18/20 12:08 PM, lists at 2ion.de wrote:
> On Wed, Jun 17, 2020 at 11:17:08PM +0100, Piscium via arch-general wrote:
>> But switching to dash would also be about security, as less code means
>> less bugs [5].
> 
> Usage of a more concise, powerful and clean shell language is much more
> suitable as a point when bringing forth an argument of there being less
> bugs.
> 
> I'd say that the amount of bugs in the underlying implementation of a
> shell almost does matter nothing when compared to the horrors of
> hacked-together shell scripts that try to be as "basic" as possible,
> trying to be as "compatible" as possible with anything, exchanging
> cleanliness and expressiveness for horrible Debian init script-style
> code.
> 
> Saving a pseudo-array into a string just to manually reconstruct the
> pseudo-list when the occasion arises to access a specific element is
> just one example of what awaits people who ignore the benefits of Bash
> arrays when they could have had them just by using a different shebang.

Why does this have anything to do with switching /bin/sh? Scripts which
do not "ignore the benefits of bash arrays when they could have had them
just by using a different shebang", would not be affected by such a
change as they do not, in fact, use a different shebang.

Meanwhile, scripts which use bashisms but a /bin/sh shebang are broken
even if /bin/sh is a symlink to bash. Bash disables some, but not all,
features of bash if it is invoked in POSIX mode, such as via a symlink
named /bin/sh -- so, you do not even get the benefits of bash, and never
have, if you used /bin/sh as your shebang.

> And nearly everybody who has to write this quickly will do it wrong.

And yet, some do not. Some write elegant, simple POSIX sh scripts which
do it right. For example, people often forget that pipelines and
functions are an option, and sometimes a much faster and better option
than global state variables.

And most people who are writing /bin/bash scripts are *also* doing it
wrong because they don't really know what they are doing. Just saying. :p

-- 
Eli Schwartz
Bug Wrangler and Trusted User

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1601 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20200618/0c5b6111/attachment.sig>

More information about the arch-general mailing list