-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathPOSIXunsafe
32 lines (27 loc) · 1.61 KB
/
POSIXunsafe
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Incomplete list of safety shortcomings in POSIX shell
NEVER leave your variables unquoted.
https://unix.stackexchange.com/questions/171346/security-implications-of-forgetting-to-quote-a-variable-in-bash-posix-shells
And variables with common prefixes without braces.
https://stackoverflow.com/questions/8748831/when-do-we-need-curly-braces-around-shell-variables
Always clean up your environment to prevent stack smashing.
https://github.com/netblue30/firejail/issues/3678
Better use `test [expression]` and dont dare to ask why
`[ 12 -le 13 ]` is also part of POSIX shell.
And why there are spaces and what happens if you forget them.
You can not in a POSIX way reliably and sanely short
0. use shellcheck to catch common problems
https://github.com/koalaman/shellcheck/releases
1. check if symbols is defined in a script.
https://stackoverflow.com/questions/18597697/posix-compliant-way-to-scope-variables-to-a-function-in-a-shell-script
2. detect if a script is being sourced
https://stackoverflow.com/questions/2683279/how-to-detect-if-a-script-is-being-sourced
3. get the current directory of the script.
https://stackoverflow.com/questions/29832037/how-to-get-script-directory-in-posix-sh
4. how to find files in PATH (standard is ambiguous how it should work)
https://unix.stackexchange.com/questions/85249/why-not-use-which-what-to-use-then
Shells are for exactly 4 purposes of very limited sized programs and use
an ideally type-checked language otherwise:
1. filepath manipulation with globbing and alike (path hackery)
2. piping programs and their output
3. simple execution flow with respective job control
4. basic text processing