Yet Another Shellshock Article

Well ShellShock has certainly created a lot of press – and I am sure that most readers will understand what the Linux Shell is by now.

My instant reaction was, why patch, simply delete the /bin/bash.exe (or whatever the path is) and tell users to use a different shell. But it turns out this is not possible as bash is used in many start up and systems admin scripts. Why?

Old Argument

For me, this re-ignites an argument I had with a Nexor Engineer back in the 1990’s, when developing scripts to implement directory administrative tasks using the DISH programme.

In those days there were 3 main choices of shell:

  • SH. The original Berkeley Bourne Shell. It was simple, and designed for implementing shell scripts. It was not great from an interactive user perspective.
  • CSH. An alternative to the Bourne Shell, that was easier to use interactively. Also more widely preferred as the syntax was more like the C programming language.
  • Then can BASH. This was a new kid on the block and had lots more features, and was a lot easier to use, both interactively and arguably in scripts.(There were others like KSH and TSH but I didn’t come across any advocates of them.)

I was an advocate for using SH for scripts, although I used CSH as my login shell. Using two was a pain, as the syntaxes were different, but not impossible.

My colleague used BASH for both scripts and login. I put forward the argument this was bad news. SH was ubiquitous, and our solutions were being run on a wide variety of different Unix systems – you could rely on it.

BASH wasn’t. You could not rely on it (then – no comment now, as my scripting days are long over), if it was not there, the customer had to download the source and compile it. I argued this was bad. The counter argument for BASH was easier and thus more productive.

Here we are 20ish years on, it seems ubiquity is still an issue. On some Linux distro’s SH still exists, on others it links BASH. This just makes the world more confused.

Trustworthy software.

I still believe there is fundamental reason to have different shells for scripts and user interaction. Shellshock would seem to emphasis this. As BASH has evolved it gets more complex, adding more and more usability features. This is great for the interactive user, but for scripting, I need something trustworthy, something I can rely on, SH did that by being simple.

Have we created our own untrustworthy destiny by adding complexity where it is not needed?
Binary Back