Replacing /bin/sh

Hello,
I'm wondering if it is safe to replace /bin/sh with the ported bash4. The question comes up because I have applied the syslog patch and wanted to log cmds.
Another question comes up if the answer to the previous one is yes: assuming a remote attacker gets the /bin/sh, will his commands be recorded via syslog?

Thank you for any reply.
 
Some issues with this approach come to mind:
  1. during a base system upgrade, your version of "sh" may get overwritten
  2. unless you're building a statically linked bash4, the shell will not work when /usr/local is not mounted

There might be some other unanticipated side effects as well. Moreover, when you evaluate risks vs. rewards, what are you getting from this? For your logging to work, a user would have to use /bin/sh. Other shells are available.
 
>Some issues with this approach come to mind:

>1. during a base system upgrade, your version of "sh" may get overwritten

Sure, then you replace it again

>2. unless you're building a statically linked bash4, the shell will not work when /usr/local is not mounted

Still no problems


>There might be some other unanticipated side effects as well.

That's what I'm asking about

>Moreover, when you evaluate risks vs. rewards, what are you getting from this? For your logging to work, a user would have to use /bin/sh. Other shells are available.

Let's say all shells are patched?
 
vermaden said:
@user

What is the sense in replacing the tuned-for-scripts /bin/sh with bloated bash 4.x?

If I get the meaning of your message right, you seem to collide with your signature
 
Imagine all the crap bash[itims] that will happen when you run a good sh script
Code:
#!/bin/sh
!=
Code:
#!/usr/local/bin/bash

What I wanna say: bash is a piece of garbage, I think (I can't prove it, just as you can't prove bash is any better).

Why not install mksh and use it?
Why replace sh at all?
You know you can change your shell to any other you want in many ways, without having to overwrite something.
 
Bad idea, many rc scripts depend upon /bin/sh. Sure, bash can run them all, but I would not trust it too much. Bash4 had some issue last time I checked while running a for loop, and it crashed a few of my scripts. Later an updated patch was issued. Search this forum or other mailing lists for bash4 bugs and you will get the idea.
 
I'm not saying I want to delete /bin/sh and use /usr/local/bin/bash.
I want to overwrite /bin/sh with /usr/local/bin/bash, version 4 or any stable bash version.
 
user said:
>There might be some other unanticipated side effects as well.

That's what I'm asking about

I haven't tested what you are describing, so I don't know for sure. There are a lot of shell scripts that get run through /bin/sh. I think there is a chance you may break some of those. (But again, you would need to test that.)

IMO, this is not worth the trouble or effort. But to each his own.

-------

On a side topic, please read here to learn about using bbcode:

http://www.phpbb.com/community/faq.php?mode=bbcode

It will make your posts easier to read if you're using e.g. the quote tag properly, and not arbitrarily bolding your replies.
 
It will probably work. But /bin/rc might give some problems because bash's dependencies (/usr/local/lib?) are out of reach.
To overwrite, the original /bin/sh may not be used by any process, like rc, startx or as login shell.
 
If you compile bash statically it ought to work fine. I don't think there is anything /bin/sh can do that bash can't, but if, over time, you get accustomed to writing /bin/sh scripts using bash syntax, you're going to run into problems moving your scripts to other systems. Strictly speaking, /bin/sh != bash, and shouldn't be treated as such.
 
If all you want to do is force all your console users to use bash4 so that you can log everything that they do at the shell, then just modify /etc/shells to only specify bash4. Then change the permissions on /bin/sh and /bin/*sh so that only root:wheel can execute them. Finally, change everyone's login shell to bash4.

Voila! Done. Now all your console users are forced to use bash4 and nothing else.

Don't mess with the base system unless you are willing to put in all the time and effort to test, retest, test again, and fix things that break. ;)
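A read-only audit for the three steps in the post above (trim /etc/shells, restrict execute permission on /bin/*sh, change login shells), as an added example that is not part of the thread. The `LOGGED_SHELL` path, the function names and the sample accounts are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. LOGGED_SHELL is an assumed install path.
LOGGED_SHELL="${LOGGED_SHELL:-/usr/local/bin/bash}"

# Step 1: entries in a shells(5) file other than the logged shell.
extra_shells() {
    sed -e 's/#.*//' -e 's/[[:space:]]*$//' "$1" |
        awk -v ok="$LOGGED_SHELL" 'NF && $0 != ok'
}

# Step 2: regular files matching <dir>/*sh that "other" can still execute.
other_exec_shells() {
    find "$1" -type f -name '*sh' -perm -0001 | sort
}

# Step 3: accounts in a passwd(5) file whose login shell is not the logged
# shell. nologin/false placeholders are skipped; an empty field means /bin/sh.
unlogged_accounts() {
    awk -F: -v ok="$LOGGED_SHELL" '
        /^#/ || NF < 7             { next }
        $NF == ok                  { next }
        $NF ~ /\/(nologin|false)$/ { next }
        $NF == ""                  { print $1 " (empty: /bin/sh)"; next }
                                   { print $1 " " $NF }' "$1"
}

# Constructed sample data, written under the directory given as $1.
make_sample() {
    mkdir -p "$1/bin"
    printf '%s\n' '# constructed' /bin/sh /bin/csh /usr/local/bin/bash > "$1/shells"
    printf '%s\n' \
        'root:*:0:0:Charlie &:/root:/bin/csh' \
        'alice:*:1001:1001:Alice:/home/alice:/usr/local/bin/bash' \
        'bob:*:1002:1002:Bob:/home/bob:/bin/sh' \
        'carol:*:1003:1003:Carol:/home/carol:' \
        'www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin' > "$1/passwd"
    : > "$1/bin/sh"; : > "$1/bin/csh"; : > "$1/bin/tcsh"
    chmod 0750 "$1/bin/sh"; chmod 0755 "$1/bin/csh" "$1/bin/tcsh"
}

# Run with the argument "demo" to audit the constructed sample.
if [ "${1:-}" = "demo" ]; then
    d=$(mktemp -d) && make_sample "$d"
    extra_shells "$d/shells"; other_exec_shells "$d/bin"; unlogged_accounts "$d/passwd"
    rm -rf "$d"
fi
```

On a live system the same functions take `/etc/shells`, `/bin` and `/etc/passwd` as arguments; any line they print is a path around the logging shell that is still open.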
 