
It's amazing the number of people that think shell scripts should be anything other than throwaway single-person hacks.

They should probably go through their whole system and verify that there aren't more shell scripts being used, e.g. in the init system. Ideally a default distro would have zero shell scripts.





I can't tell whether you're making a joke, seeing as the entire BSD init system is built on shell scripts.

Probably not a joke. In the same way people want to get away from the C language due to its propensity to memory vulnerabilities, shell scripts have their own share of footguns, the most common being a variable not being quoted when it should (which is exactly the issue described in this advisory).

It doesn't mean getting away from scripting languages; it means getting away from shell scripts in particular (the parent poster said specifically "zero shell scripts"). If the script in question was written in Lua, or heck even JavaScript, this particular issue most probably wouldn't have happened, since these scripting languages do not require the programmer to manually quote every single variable use.
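The quoting footgun described in the comment above, as an added example that is not part of the thread or of the advisory it refers to: the same value is passed once unquoted and once quoted, and the callee reports how many arguments it actually received. The function names and sample values are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added illustration: how an unquoted expansion changes the argument list.
# All names are hypothetical; all sample values are constructed.

# Print how many arguments the callee actually received.
count_args() {
    echo "$#"
}

# Footgun: the value is expanded without quotes, so the shell applies
# field splitting (on IFS) and pathname expansion (globbing) to it.
unquoted_count() {
    value=$1
    count_args $value    # intentionally unquoted for the demonstration
}

# Fixed form: the quotes keep the value as exactly one argument.
quoted_count() {
    value=$1
    count_args "$value"
}

# Run both forms in a scratch directory holding three files, so that a
# value containing "*" has something to expand to.
demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        : > a.conf; : > b.conf; : > c.conf
        for sample in 'eth0' 'eth0 --extra-flag' '*.conf' ''; do
            printf '%-20s unquoted=%s quoted=%s\n' "[$sample]" \
                "$(unquoted_count "$sample")" "$(quoted_count "$sample")"
        done
    )
    rm -rf "$dir"
}

demo
```

The quoted form always yields one argument; the unquoted form yields two for the value containing a space, three for the glob, and zero for the empty string, which is the case that silently shifts every later positional argument.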


That's fine; I just thought it was weird to say that we should check to see whether any shell scripts are used in the BSD init system. We know there are; it was a deliberate design decision at the time, even if we might now wish for it to be different.

Not a joke. I knew they used to use a pile of janky shell scripts for their init system. I didn't know they still do. That's disappointing.

And cesarb is correct - the issue isn't scripts; it's shell scripts, especially Bash and similar. Something like Deno/TypeScript would be a decent option for example. Nushell is probably acceptable.

Even Python - while a terrible choice - is a better option than shell scripts.


The issue is POSIX standardizing legacy stuff like shells, thereby tempting people to write "portable" software, leading these technologies to ossify and stick with us for half a century and counting. Someone comes along and builds something better but gets threatened for not following "the UNIX way".

This is a very good point. I wonder how hard it would be to get POSIX to standardise a scripting language that isn't awful.

Probably never going to happen. There is a dearth of good scripting languages, and I would imagine any POSIX committee is like 98% greybeard naysayers who think 70s Unix was the pinnacle of computing.


POSIX does not specify the init/rc script system, so it's not a factor here at all. A POSIX-compliant system could use Python scripts. macOS (which is UNIX 03 certified) uses launchd. A POSIX system has to ship the shell, not use it.

And FreeBSD isn't actually POSIX-certified anyway!

The real consideration here is simply that there are tons of existing rc scripts for BSDs, and switching them all would be a large task.


Unfortunately your joke has whooshed over quite a few heads but what you say is true. The shell should be one of the most reliable parts of your operating system. Why on earth would you NOT trust the primary interface of your OS? Makes no sense.

The shell itself may be reliable but shell scripts are notorious for security issues.

I'm not sure I follow you but it wasn't a joke. Shell scripts are notoriously error-prone. I absolutely do not trust shell script authors to get everything right.

Also the shell isn't even "the primary interface of your OS". For Linux that's the Linux ABI, or arguably libc.

Unless you meant "human interface", in which case also no - KDE is the primary interface of my OS.


> I'm not sure I follow you but it wasn't a joke. Shell scripts are notoriously error-prone. I absolutely do not trust shell script authors to get everything right.

This is an extremely naive take as are the rest of your comments. Any language in the wrong hands is error prone.


> Any language in the wrong hands is error prone.

Talk about naive!


Feel free to implement system utilities in whichever language you feel will completely eliminate the possibility of bugs.

I wait with bated breath.


"error-prone" means bugs are more likely than the alternatives. It doesn't mean that the alternatives completely eliminate the possibility of bugs. Come on.

I wonder what the tally is for "things posted to HN that'll replace bash/ksh/zsh in every respect REAL Soon Now". It's a genre of post unto itself.

What language is Systemd written in? I'm pretty sure it's not Bash.

I've never been able to use systemd as a command interpreter.

You are being downvoted, but I agree with you.

I've always believed sh, csh, bash, etc, are very bad programming languages that require excessive efforts to learn how to write code in without unintentionally introducing bugs, including security holes.


Sir, this is a Wendy's.

If you want all-singing, all-dancing opaque binaries to handle every conceivable configuration eventuality, MacOS and Windows are <-- that way. Or, you could have patience, and sometime soon systemd will likely expand to cover your use-case.


On MacOS I remember many .plist files but no binary config files. The .plist format looks similar to XML.

I like the .ini format used by systemd (and do not have an opinion about the overall quality of systemd).



