The shell script is ubiquitous on Linux hosts. Administrators use shell scripts to run backups, purge /tmp directories, monitor processes and create users, just to name a few tasks. Some applications are written in shell script also, and some users rely on shell scripts for installation or integration purposes.
Despite their widespread usage, many shell scripts are written with little to no consideration for security. Worse, due to some inherent weaknesses and a complex syntax, writing secure shell scripts can be pretty difficult. This tip will provide some simple tips for how to make your shell scripts as secure as possible.
The information in this tip is generic across multiple shell types (BASH, Korn, C-Shell, etc) and focuses on the major issues in shell script security, rather than specifics for a particular shell.Read Full Story