Shell scripts and security

Question

TLDP\'s Advanced Bash Scripting Guide states that shell scripts shouldn\'t be used for \"situations where security is important, where you need to guarantee the integrity of

Answer 1

Probably because it's just easy to screw up. When the PATH is not set correctly, your script will start executing the wrong commands. Putting a space somewhere in a string might cause it to become two strings later on. These can lead to exploitable security holes. In short: shells give you some guarantees as to how your script will behave, but they're too weak or too complex for truly secure programming.

(To this I would like to add that secure programming is an art in itself, and screwing up is possible in any language.)