Dash as default shell

Lennart Poettering mzerqung at 0pointer.de
Thu Oct 2 06:33:23 UTC 2014 

On Wed, 01.10.14 22:39, Rahul Sundaram (metherid at gmail.com) wrote:

> Hi
> 
> Is it worth considering using Dash as the default (non-interactive) shell
> in Fedora?  Other distributions including Ubuntu and Debian (
> https://lwn.net/Articles/343924/) have been using dash as the default shell
> and Android uses mksh.  While this appears to have been done primary to
> increase bootup efficiency (which is not relevant with systemd), it might
> help with security
> 
> Since the recent Shellshock aka Bashdoor vulnerability, there have been
> some discussions about more distributions switching over (
> http://lwn.net/SubscriberLink/614218/019d9a52b0eaae3d/) and I was wondering
> whether it is worth considering for Fedora?  FWIW, both dash and mksh is
> already packaged in Fedora.

This sounds really wrong to me.

If you change /bin/sh to dash, then you'll have to map two shell
binaries into memory (since the login shell is going to stay on bash),
hence the resource usage grows. You increase the number of packages
and minimal footprint of our OS images since we need to install one
more package. You also increase the attack surface, since there'll be
two shells running. You have to maintain + security-fix more code,
since you have two packages to look after (Yes, by adding dash to the
default stack you just put the extra burden on Fedora to quickly
update two packages instead of just one in case of a security
problem). You create a *lot* of porting work for all those
scripts. You *break* all scripts that currently reference /bin/sh in
the shebang-line but use bashisms. Also, many of the bashisms are
actually pretty useful, hence you replace a more powerful language by
a crappier one. You create an entirely new problem for our users, by
making them *think* whether they actually mean /bin/sh or
/bin/bash. You confuse users by disallowing certain expressions in
scripts that work fine if you type them on the interactive shell.

So, in order to keep things simpler, faster, more secure, more
maintainable, more compatible, let's please stick with one shell and
one shell only, and let's stay with bash. Thank you.

Let's not waste our time with this, please!

Lennart

-- 
Lennart Poettering, Red Hat

More information about the devel mailing list