Q. I know #!/bin/bash is shebang line. But, I noticed a few shell script shebang line ends with a single dash ( #!/bin/bash - ) or double dash ( #!/bin/bash -- ). Can you explains me purpose of such shebang line?
A. A - or -- signals the end of options and disables further option processing i.e. bash will not accept any of its option. Any arguments after the -- are treated as filenames and arguments. An argument of - is equivalent to --. This is done to improve script security. Some user may perform setuid based script root spoofing. To avoid interpreter spoofing you need to add -- to #!/bin/bash. This is rare but possible attack.
No comments:
Post a Comment