[CentOS] Bourne shell deprecated?

Wed Apr 27 15:12:18 UTC 2016
Valeri Galtsev <galtsev at kicp.uchicago.edu>

On Wed, April 27, 2016 10:01 am, m.roth at 5-cent.us wrote:
> Scott Robbins wrote:
>> On Tue, Apr 26, 2016 at 07:27:26PM -0700, Alice Wonder wrote:
>>>
>>> Some of the BSDs use to have a bourne shell and maybe some do, I don't
> know.
>>>
>> Yup.
>>
>>> bash is mostly compatible with bourne (can run most bourne scripts)
> which is why /bin/sh is a symlink to /bin/bash on GNU and most other
> *nix systems.
>>
>> Bash can run Bourne, but not necessarily vice versa, which can be
> problematic if, say, moving a Linux script to a BSD or AIX box.   I
> remember something I'd done which used, IIRC, $UID, without realizing it
> was a bashism, instead of using id -u.

There is at least one good reason Bourne shell is still alive and not
striving to cover all Bourne-Again shell (bash) features IMHO. Bourne
shell is very well debugged, and code is much smaller, hence much less
chance to have undiscovered bugs. Therefore, it should be much better
security wise. Imagine you never heard about shellshock, and I ask you is
it bash or is it Bourne shell, what would you bet be? (90 or 95% it is
bash would be mine, - if I recollect correctly my reaction when I first
heard about that).

Just my $0.02

Valeri

>
> I'll also note that all *production* scripts were once required to be
> bourne, but by the mid-ninties, management was starting to mandate that
> they be Korn shell, instead, for many reasons - capabilities, etc. Bash -
> I don't think I saw that till I started running RH 5.1, I think it was,
> about 18 years ago....
>
>       mark
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++