Revision as of 23:55, 26 August 2025 edit Blush30720 (talk \| contribs) Extended confirmed users 1,225 edits Undid revision 1307846447 by OceanLoop Reverting a deletion which borders on defacement. Please use Wiki's tools to ask for more citations. Tags: Undo Reverted ← Previous edit		Revision as of 23:58, 26 August 2025 edit undo OceanLoop (talk \| contribs) Extended confirmed users, Pending changes reviewers 3,291 edits Reverted 6 edits by Blush30720 (talk): Use Talk to discuss your changes and please stop edit warring Tags: Twinkle Undo Next edit →
Line 3: <!-- Do not give aspirin ⇒ The WHO advises against the use of aspirin --> <!-- --> <!--{{In use\| date = 2025-08-12\| section = entire article}}--> ~~<!--~~{{Under construction\|date=2025-08-12\|nosection=yes}}~~-->~~ ~~{{How-to\|date=January 2019}}~~ {{More refs\|date=August 2025}} {{Use dmy dates\|date=March 2014}} Line 241 ⟶ 240: === ASCII, strings and numbers <span class="anchor" id="ASCII"></span> <span class="anchor" id="strings"></span> <span class="anchor" id="numbers"></span> === <!-- Important concepts: ~~ASCII~~ [x] Characters [x] Human/computer communitcation Line 249 ⟶ 248: [ ] Information --> ~~<!-- Important concepts: strings~~ ~~[x] String~~ ~~[x] Filenames~~ ~~-->~~ ~~<!-- Important concepts: numbers~~ ~~[x] Zero-based numbering~~ ~~-->~~ {{Blockquote \| The input language to the shell shall be first recognized at the character level.<ref> Line 329 ⟶ 320: </syntaxhighlight> <!-- Important concepts: [x] String [x] Filenames --> Any series of characters is called a "[[String (computer science) \|string]]," or sometimes a "[[string literal]]." In Unix-like operating systems, all characters, printable and non-printing, except for a few such as the [[null character]] and forward slash {{char\|/}}, can be used in naming [[Filenames \|files]]. Line 346 ⟶ 341: </ref> <!-- Important concepts: [x] Zero-based numbering [] --> In everyday life, people usually begin counting some group of items from the number one: 1, 2, 3 apples. In computer science it is customary to do as the computers do and begin counting the first item from the number zero: 0, 1, 2 oranges, for a total of 3 oranges. Line 407 ⟶ 406: === CLI and GUI <span class="anchor" id="CLI and GUI"></span> === ~~<!-- Important concepts:~~ ~~[x] Origin of CLI paradigm~~ ~~[x] Origin of terminal emulators~~ ~~[x] GUI~~ ~~-->~~ {{Main Line 422 ⟶ 415: }} <!-- Important concepts: [x] Origin of CLI paradigm [x] Origin of terminal emulators [x] GUI --> Long after the first Analytical Engine, in the mid-1960's one of the primary ways for humans and computers to interact in real time was at a keyboard with a [[teleprinter]]: only display of textual characters was possible.<ref> {{Cite web Line 452 ⟶ 450: [x] Terminal emulator as separate from shell --> This functionality is provided by a program called [[GNU Readline]] and is available in interactive mode only. Certain keypress combinations allow a user to operate Bash to use tab completion and to search the command history. Line 504 ⟶ 500: \| website = hypexr.org }}</ref> ~~=== Comments ===~~ ~~<!-- Important concepts:~~ ~~[x] Comments~~ ~~[x] Inline comments~~ ~~-->~~ ~~Comments can be a valuable way of clarifying information or explaining a script or source file to someone else who might not be familiar with the scripter's intentions or context.~~ ~~Standard comments in Bash are denoted with a hashtag character: {{char\|#}}.~~ ~~Any text to the right of the hashtag to the end of the line will be ignored.~~ ~~Inline comments are allowed, but hashtag comments will not print during debugging. See also: {{section link\|\|xtrace}}.~~ ~~:<syntaxhighlight lang="console">~~ ~~$ echo '<foo>' # An inline hashtag comment occurs on the same line as a command~~ ~~<foo>~~ ~~$ # A regular comment (no output)~~ $ ~~</syntaxhighlight>~~ === Syntax <span class="anchor" id="Syntax"></span><span class="anchor" id="Tokens"></span><span class="anchor" id="Metacharacters"></span><span class="anchor" id="Operators"></span><span class="anchor" id="Words"></span><span class="anchor" id="Names"></span> === Line 530 ⟶ 506: [] stream of characters [] delineate full commandlines (newline, semi-colon) ~~[x] Bash reads one line at a time~~ ~~[x] Line continuation~~ [] division into commands and parts of commands (optargs) [] uses metacharacters --> <syntaxhighlight lang = text> "Tokens" \_ "Blanks" \_ "Operators" (Ops) \_ "Control Ops" \_ "Redirection Ops" \_ "Words" \_ "Reserved Words" \_ "Names" </syntaxhighlight> {{Blockquote Line 548 ⟶ 532: }} ~~A person typing at a keyboard creates something called a ''stream'' of characters.~~ In the [[Command-line interface#Comparison to graphical user interfaces \|command-line interface]] [[paradigm]], via a [[terminal emulator]] Bash receives a series of characters from the user and expects each series of characters to be a command. ~~By default, Bash reads user code one line at a time, interprets any newline or semi-colon character {{code\|;}} as the end of the current command, and executes commands in sequence.~~ ~~If an interactive command extends beyond the width of the terminal emulator, it's usually possible to keep typing and the command will wrap around.~~ ~~To extend a command beyond a newline onto an additional line, it's necessary that the final character of the first line be an unescaped backslash, {{code\|\}}, which signals "line continuation."~~ ~~Bash always finishes parsing and executing one full commandline before moving on to and beginning with the parsing of the next commandline.~~ ~~:<syntaxhighlight lang="console">~~ ~~$ foo=aa bar=bb quux=cc zork=dd; set -o xtrace~~ ~~$ : "${foo}"; : "${bar}"~~ ~~+ : aa~~ ~~+ : bb~~ ~~$ : "${quux}" \~~ ~~> : "${zork}"~~ ~~+ : cc : dd~~ $ ~~</syntaxhighlight>~~ When Bash reads a ''full commandline,'' the complete string is broken down according to a certain set of rules into individual units called ''"tokens."'' ~~<syntaxhighlight lang = text>~~ ~~"Tokens"~~ ~~\_ "Blanks"~~ ~~\_ "Operators" (Ops)~~ ~~\_ "Control Ops"~~ ~~\_ "Redirection Ops"~~ ~~\_ "Words"~~ ~~\_ "Reserved Words"~~ ~~\_ "Names"~~ ~~</syntaxhighlight>~~ "Tokens" are identified using, and separated from each other using ''"metacharacters."'' (As of version 5.3:) Line 669 ⟶ 622: <!-- Important concepts: [] ~~[] replacement of placeholders / logical substitution~~ ~~[] Expansion vs substitution~~ --> "Expansion" is a crucial concept in Unix-like shells. See [[String interpolation]]. Line 703 ⟶ 654: [x] Arrays --> For data structures Bash offers variables and arrays, and though there are numerous kinds of each of these available, the data structures are relatively simple compared to other languages like [[C (programming language) \|C]] or [[Java (programming language) \|Java]].<ref>{{Cite web \| access-date = 15 August 2025 Line 714 ⟶ 664: All data is stored in memory as a string. '''Syntax common among data structures in Bash:''' Beginnning a word with a dollar character signifies that the word is the name of a variable or array. Surrounding the dollar / variable name syntax in double quotes is always advised. Line 843 ⟶ 794: === Processes <span class="anchor" id="Processes"></span> === {{Main \| Process (computing) \| Attribute (computing) }} <!-- Important concepts: Line 852 ⟶ 808: [x] Working directory --> ~~{{Main~~ ~~\| Process (computing)~~ ~~\| Attribute (computing)~~ }} Each [[operating system]] (OS) has at its core a program called the [[Kernel (operating system) \|kernel]] which runs commands.<ref name = Brit_control-unit> {{Cite web Line 899 ⟶ 849: === Files and permissions <span class="anchor" id="Files and permissions"></span><span class="anchor" id="Files"></span><span class="anchor" id="Permissions"></span> === {{Main \| File system \| Unix file types \| File-system permissions }} <!-- This subsection is messy --> Line 908 ⟶ 864: [?] umask --> ~~{{Main~~ ~~\| File system~~ ~~\| Unix file types~~ ~~\| File-system permissions~~ }} In Unix-like operating systems, all objects locatable on the [[file system]] are considered to be "files."<ref name = tldp_3.1.1> {{Cite web Line 957 ⟶ 906: === Paths <span class="anchor" id="Paths"></span> === {{Main \|Path (computing) \| Hierarchical file system }} <!-- Important concepts: Line 963 ⟶ 916: [x] File anchor: './' --> ~~{{Main \|Path (computing)~~ ~~\| Hierarchical file system~~ }} In Unix-like OS's, files, hardlinks, device nodes, etc., (i.e., "files") are sorted into [[Directory (computing) \|directories]] that form a hierarchical file structure which is nested in a "parent" and "child" manner. The base of the hierarchy is called the "root directory" which is denoted by one forward slash: {{char\|/}}. Line 993 ⟶ 941: === Execution <span class="anchor" id="Execution"></span> === {{Main \| Execution (computing) }} <!-- Important concepts: [x] Execution / to execute a command [x] An executable [x] Bash reads one line at a time [x] Line continuation [x] Command position [ ] A single logical construct is parsed as a single unit --> "Execution" of a given program occurs when a user (or some other program) asks the operating system to act upon the instructions contained in the given program. By default, Bash reads user code one line at a time, interprets any newline or semi-colon character {{code\|;}} as the end of the current command, and executes commands in sequence. ~~{{Main~~ If an interactive command extends beyond the width of the terminal emulator, it's usually possible to keep typing and the command will wrap around. ~~\| Execution (computing)~~ To extend a command beyond a newline onto an additional line, it's necessary that the final character of the first line be an unescaped backslash, {{code\|\}}, which signals "line continuation." }} Bash always finishes parsing and executing one full commandline before moving on to and beginning with the parsing of the next commandline. :<syntaxhighlight lang="console"> ~~"Execution" of a given program occurs when a user (or some other program) asks the operating system to act upon the instructions contained in the given program.~~ $ foo=aa bar=bb quux=cc zork=dd; set -o xtrace $ : "${foo}"; : "${bar}" + : aa + : bb $ : "${quux}" \ > : "${zork}" + : cc : dd $ </syntaxhighlight> The first word of a commandline is known as the "command position." Line 1,483 ⟶ 1,448: [x] Description and visual example of xtrace [x] How to enable and disable xtrace ~~[x] Thompson-style comments visible in xtrace~~ [x] xtrace re POSIX --> Line 1,503 ⟶ 1,467: $ </syntaxhighlight> The {{Mono\| xtrace}} shell setting is specified by POSIX. See also {{section link\|\|Debugging}}. === The {{mono\| verbose}} option === <!-- Important concepts: [x] Saying something about Verbose mode --> The verbose option prints strings to the terminal as they are read, and before any expansions are performed. Rarely used.<ref>See {{Code\| set -v\| bash}} in the documentation.</ref> === Comments === <!-- Important concepts: [x] Comments [x] Inline comments [x] Observability of comments --> Comments can be a valuable way of clarifying information or explaining a script or source file to someone else who might not be familiar with the scripter's intentions or context. Standard comments in Bash are denoted with a hashtag character: {{char\|#}}. Any text to the right of the hashtag to the end of the line will be ignored. Inline comments are allowed, but hashtag comments will not print during debugging. See also: {{section link\|\|xtrace}}. Comments denoted with a colon character, {{char\|:}}, originated with the [[Thompson shell]].<ref> Line 1,525 ⟶ 1,512: :<syntaxhighlight lang="console"> $ # Define foo~~=bar~~ $ foo=bar # An inline hashtag comment occurs on the same line as a command $ set -x $ # A regular comment (no output) $ : "${foo}" + : bar $ </syntaxhighlight> ~~The {{Mono\| xtrace}} shell setting is specified by POSIX.~~ ~~See also {{section link\|\|Debugging}}.~~ ~~=== The {{mono\| verbose}} option ===~~ ~~<!-- Important concepts:~~ ~~[x] Saying something about Verbose mode~~ ~~-->~~ ~~The verbose option prints strings to the terminal as they are read, and before any expansions are performed. Rarely used.<ref>See {{Code\| set -v\| bash}} in the documentation.</ref>~~ === Exit codes === Line 1,553 ⟶ 1,531: [x] Lack of standardization --> When bash executes commands, [[exit status]] codes, also called "return codes," are produced which can offer some insight into the manner in which a program ceased running. The value of the most recently captured exit code is held within the shell parameter, 'question mark:' {{Code\| $? }}. Line 3,054 ⟶ 3,031: \| author = OWASP Input Validation Cheat Sheet }} ~~=== Command injection ===~~ * CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')~~ ~~\| url = https://cwe.mitre.org/data/definitions/77.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ * CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')~~ ~~\| url = https://cwe.mitre.org/data/definitions/78.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ * CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')~~ ~~\| url = https://cwe.mitre.org/data/definitions/88.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ ~~Clearlisting is more effective than blocklisting.~~ * CWE-184: Incomplete List of Disallowed Inputs<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-184: Incomplete List of Disallowed Inputs~~ ~~\| url = https://cwe.mitre.org/data/definitions/184.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ ~~=== Path traversal ===~~ * CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')~~ ~~\| url = https://cwe.mitre.org/data/definitions/22.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ ~~=== TOCTOU errors (Race conditions) ===~~ * CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition~~ ~~\| url = https://cwe.mitre.org/data/definitions/367.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ ~~The {{Code\| mkdir\| bash}} and {{Code\| mktemp\| bash}} commands are known to create directories / files in an [[ACID \|atomic]] fashion.~~ ~~=== Untrusted search PATH ===~~ * CWE-426: Untrusted Search Path<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-426: Untrusted Search Path~~ ~~\| url = https://cwe.mitre.org/data/definitions/426.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ * CWE-427: Uncontrolled Search Path Element<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-427: Uncontrolled Search Path Element~~ ~~\| url = https://cwe.mitre.org/data/definitions/427.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ * CWE-428: Unquoted Search Path or Element<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-428: Unquoted Search Path or Element~~ ~~\| url = https://cwe.mitre.org/data/definitions/427.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ ~~=== Abuse of symlinks ===~~ * CWE-61: UNIX Symbolic Link (Symlink) Following<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-61: UNIX Symbolic Link (Symlink) Following~~ ~~\| url = https://cwe.mitre.org/data/definitions/61.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ ~~=== Sensitive information in error messages ===~~ * CWE-535: Exposure of Information Through Shell Error Message<ref> ~~{{Cite web~~ ~~\| access-date = 17 August 2025~~ ~~\| publisher = [[Mitre Corporation \|The MITRE Corporation]]~~ ~~\| title = CWE-535: Exposure of Information Through Shell Error Message~~ ~~\| url = https://cwe.mitre.org/data/definitions/535.html~~ ~~\| website = mitre.org~~ ~~}}</ref>~~ === Shellshock === Line 4,523 ⟶ 4,385: === Unix shells === {{div col\|colwidth=24em}} * [[Almquist shell \| Almquist shell (ash)]] * [[Bourne shell \| Bourne shell (sh)]] Line 4,552 ⟶ 4,415: * yash – Yet Another Shell, aims "to be the most POSIX-compliant shell in the world"; available on Arch. * [[Z shell \| Z shell (zsh)]] {{div col end}} ~~=== Graphical interface to scripts ===~~ <!-- This subsection added from https://ru.wikipedia.org/wiki/Bash on 6 Aug 2025 --> === Graphical interface to scripts === There are many programs that allow you to create a graphical interface for shell scripts.

Bash (Unix shell): Difference between revisions