BASH
Definition
BASH (Bourne Again SHell) is a Unix shell and command language written as a free software replacement for the Bourne shell. It is widely used as the default login shell for most Linux distributions and macOS. BASH provides a command-line interface for interacting with the operating system, allowing users to execute commands, automate tasks through scripting, and manage system processes.
Secure Settings Example
# Enable shell options that guard against common scripting mistakes
set -o noclobber # Prevent overwriting of files with '>'
set -o errexit # Exit immediately if a command exits with a non-zero status
set -o nounset # Treat unset variables as an error
set -o pipefail # Make a pipeline return the exit status of the last command in it that failed
# Use full paths to avoid path injection
/usr/bin/ls -l /var/log
# Secure script execution with restricted permissions
chmod 700 secure_script.sh
Insecure Settings Example
# Dangerous settings that can lead to security issues
set +o noclobber # Allows overwriting of files with '>'
set +o errexit # Continue execution even if a command fails
set +o nounset # Allow use of unset variables
set +o pipefail # Only the last command's exit status counts; earlier failures in a pipeline are ignored
# Bare command names are resolved through $PATH, which can lead to path injection
ls -l /var/log
# Insecure script permissions allowing others to modify
chmod 777 insecure_script.sh
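The following added example (not part of the original page) runs each option from the two lists above in a child bash process to show what it changes, and checks whether a file's mode lets group or others modify it. The function names, the variable TARGET_DIR and the file report.txt are assumptions made for the illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original page. Each option is exercised in a
# fresh `bash -c` child so nothing leaks into the calling shell; the file
# report.txt is constructed sample data in a temporary directory.

# errexit: prints "yes" only if execution continued past a failing command.
continued_after_failure() {   # $1 is -o (secure list) or +o (insecure list)
    bash -c 'set "$1" errexit; false; echo yes' _ "$1" || true
}

# nounset: exit status of a script that expands the unset (hypothetical) TARGET_DIR.
unset_variable_status() {
    bash -c 'unset TARGET_DIR; set "$1" nounset; : "${TARGET_DIR}/cache"' _ "$1" 2>/dev/null
}

# pipefail: exit status of a pipeline whose first stage fails.
pipeline_status() {
    bash -c 'set "$1" pipefail; false | true' _ "$1"
}

# noclobber: prints the file content after a '>' redirect onto an existing file.
content_after_redirect() {
    local dir
    dir=$(mktemp -d) || return 1
    printf 'original\n' > "$dir/report.txt"
    bash -c 'set "$1" noclobber; echo replaced > "$2"' _ "$1" "$dir/report.txt" 2>/dev/null || true
    cat "$dir/report.txt"
    rm -rf "$dir"
}

# Permissions: succeeds if group or others may modify the file (as with 777).
writable_by_others() {
    case "$(ls -ld "$1" | cut -c6,9)" in   # group-write and other-write flags
        *w*) return 0 ;;
        *)   return 1 ;;
    esac
}

# Report the behaviour with each option switched on (-o) and off (+o).
for opt in -o +o; do
    u=0; unset_variable_status "$opt" || u=$?
    p=0; pipeline_status "$opt" || p=$?
    printf 'set %s: continued=[%s] unset-var status=%s pipeline status=%s file=%s\n' \
        "$opt" "$(continued_after_failure "$opt")" "$u" "$p" "$(content_after_redirect "$opt")"
done
```

With `+o` the failing command, the empty variable expansion and the failed pipeline stage all pass silently and the file is overwritten; with `-o` each one stops the script or is refused.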