Proposal for HACKING.sh.txt

Roland Illig roland.illig at gmx.de
Mon Oct 18 10:34:01 UTC 2004


Hi,

I think we could collect some wisdom of how to properly write shell 
scripts. This is my first draft:

Writing Portable and Secure Shell Scripts
========================================================================

1. Shell Quoting

Generally, enclose all variables and strings in double quotes. Pay 
attention to backticks, dollar signs and backslashes, as they are 
interpreted in double quotes.

One exception could be assignments a=$b, where no quoting is necessary. 
But for uniformity of the code I suggest we write a="$b" in this case, too.

In the assignment a=`command` I would prefer not to quote the command.

2. Quoting File Names

File names that start with a special character [^A-Za-z0-9_./] might be 
interpreted as command line option by shell commands. Therefore file 
names should be quoted using the mc_shellquote function:

# example: qfname=`mc_shellquote "$fname"`
mc_shellquote() {
   case "$1" in [A-Za-z0-9_./]*) echo "$1";; *) echo "./$1";; esac
}

========================================================================

Roland



More information about the mc-devel mailing list