Dash as default shell

Haïkel hguemar at fedoraproject.org
Thu Oct 2 15:56:13 UTC 2014

I don't see any real benefit to move to dash since we get rid of sysV
init, no security improvements, but a lot of breakages to fix (Debian
spent a lot of time to fix bashisms in their packages ...)
That doesn't mean that we shouldn't consider it -this is a sane to
periodically re-assess our defaults-, but I need to hear what security
team thinks about it.

dash has a smaller codebase but is much less used than bash (and
people will end up installing bash or another full-featured shell so
it voids the security benefits) so I suspect we're not improving


I'm more worried that many core components of the distro like bash
lack manpower, and I would prefer that we spent more efforts in
identifying them and see what we could do to improve the situation.

@Base WG: would you consider auditing the components of the base OS ?
Are they properly maintained or organize a security audit of the most
critical components ?


More information about the devel mailing list