Best practices: using ShellCheck to sanitize scripts

Hi team:
As we know, Bash scripts are a big security matter for system breaches. For instance, [Shellshock vulnerabilities]=> (https[://]en.wikipedia[.]org/wiki/Shellshock_(software_bug)) or [bash commands injection] => https[.//]www.owasp[.]org/index.php/Command_Injection) can deeply harm a YunoHost instance, even more so if executed as super-administrator (as YNH scripts do).

I suggest, in the framework of deploying new apps and classifying their sanity with the great idea of app levels, to use bash best practices with ShellCheck in parallel with [package-linter]=>(https[://]github[.]com/YunoHost/package_linter).

I issued a PR to sanitize example scripts of [example_ynh]=>(https[://]github[.]com/YunoHost/example_ynh) that can be found here: https://github.com/YunoHost/example_ynh/pull/102

Best would be to parse ShellCheck output in Travis CI?

(sorry for Markdown mess, I’m limited by the # of links I can put…!!)

Hmmmm I think last time this was discussed, one conclusion was that basically the security issue is ~irrelevant because anyway the script is run as root and you ultimately trust both:

  • the author of the script (otherwise you are already screwed anyway because it’s run as root, the author doesn’t need subtle injections to backdoor your system)
  • and the person running the script (it’s the admin of the server so he/she’s not going to backdoor his/her own server…).

So I dunno which kind of attacker shellcheck would protect against.

Though otherwise, personally I think it would be good to have a code/style linter (equivalent to PEP8 but for bash) to have a standard style for writing bash, though maybe that’s not really the priority I dunno :confused:

Hi @Aleks,

This is just a suggestion to help app maintainers lint the code :slight_smile:
You are right about risk management on those scripts indeed, it’s irrelevant.

Heisen-bugs might however appear: what if a YunoHost admin wants to name his admin “John Doe” (spaces may break bash code somewhere if not sanitized).

Long story short, feel free to PM me if bash linting with this gains interest in the future!

Best,

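The “John Doe” case from the last post, as an added example that is not part of the thread or of any YunoHost script: it shows how an unquoted variable silently changes the arguments a helper receives, which is what ShellCheck flags as SC2086. `create_user`, its options and the login `jdoe` are hypothetical stand-ins constructed for the illustration.

```shell
#!/bin/sh
# Hypothetical stand-in for a user-creation helper (not a YunoHost command).
# It parses "--fullname VALUE --login VALUE" and reports what it understood,
# counting any argument it did not expect. Runs in a subshell to keep state local.
create_user() (
    cu_fullname="" cu_login="" cu_stray=0
    while [ "$#" -gt 0 ]; do
        case "$1" in
            --fullname) [ "$#" -ge 2 ] || break; cu_fullname="$2"; shift 2 ;;
            --login)    [ "$#" -ge 2 ] || break; cu_login="$2";    shift 2 ;;
            *)          cu_stray=$((cu_stray + 1)); shift ;;
        esac
    done
    printf 'fullname=%s login=%s stray_args=%s\n' \
        "$cu_fullname" "$cu_login" "$cu_stray"
)

# Unquoted expansion: the shell word-splits the name before the helper sees it,
# so "John Doe" arrives as two arguments. ShellCheck reports this as SC2086.
call_unquoted() {
    # shellcheck disable=SC2086
    create_user --fullname $1 --login jdoe
}

# Quoted expansion: the name reaches the helper as a single argument.
call_quoted() {
    create_user --fullname "$1" --login jdoe
}

# Constructed sample input: a display name containing a space.
sample_name="John Doe"
printf 'unquoted: %s\n' "$(call_unquoted "$sample_name")"
printf 'quoted:   %s\n' "$(call_quoted "$sample_name")"
```

The unquoted call does not fail; it creates the wrong user record and leaves a stray argument, which is why this class of bug tends to surface only for some inputs.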