Whonix Wiki Download Docs News Support Tips Issues Contribute DONATE

more secure shell version in whonix experimental - ash - reduced attack surface

good idea for current whonix but whonix in general needs to have seperate branches, one for current whonix (stable) and other for “experiments” where maintainers can just put ash or dash or bash or zsh without starting a discussion then putting a download link to for testing/bug hunting under some kind “Experimental” page in wiki/download page

the shell in that version (experimental) should be ash due low amount of code and good security track when compared to bash/zsh

1 Like

What has a greater attack surface:

  • outdated, archived, unmaintained, old implementation of the Bourne Shel with Debian dash (ash for debian), with known vulnerabilities. Dash man page was last written in 2003.
  • updated, maintained, widely developed, feature rich shell zsh where security bugs are still being fixed

Not sure what you mean by a more secure version called experimental, but if that version is ash almost all shells can run in Posix Compliant mode, the same code can be run on all of them, an attacker does not care if your interactive shell is Zsh, Bash, Dash, Ash, Sh, Ksh, Csh, as long as their code is POSIX, it will be able to exploit your machine.

But if you are saying a targeted exploit to your interactive shell called Zsh, but no other shell, then that is a targeted attack, and if you have an enemy that can use that kinda of attack, that no shell will protect you, not Zsh nor Ash.

Whonix can’t make a restrictive shell user friendly. Try rbash (Restrictive Bash, read the man).

Open to be proven wrong.

1 Like

posix is not bible lol all of these shells have different code and wont run ur script unless its pretty basic, though most code works fine across them, quite few do not work well if just slam shell code to another shell lol

ash is minimal in terms of code and thus reduced attack surface
your many eyes bash had a bug in it called shellshock, not very secure huh?

i am talking pure security here, ash is not dash and is actively maintained

Provide references to the Ash shell you are talking about.

as for “experimental” i meant that currently whonix doesnt release “Experimental” builds where the maintainers are given more freedom to add and remove stuff as they see fit and things that stick long enough get moved to next “stable” whonix release i mean

ash is fork of dash actively maintained low size because low code but less shell specific features

Almquist shell - Wikipedia
Ash (mainly the Dash fork) is also fairly popular in embedded Linux systems.

The bad arrangement of words gives you a false impression that Ash is a Dash fork. Let me reword it: Ash, mainly its fork named Dash, is also fairly popular in embedded Linux systems.

$ man dash

HISTORY
dash is a POSIX-compliant implementation of /bin/sh that aims to be as small as possible. dash is a
direct descendant of the NetBSD version of ash (the Almquist SHell), ported to Linux in early 1997.
It was renamed to dash in 2002.

http://gondor.apana.org.au/~herbert/dash/

https://www.in-ulm.de/~mascheck/various/ash/

No, it is a standard, but if you are talking in books, it is a dictionary, a regiment.

Attack surface is not only amount of lines of code.

True, shells should never ever had networking capabilities, but now they have, web era.

Dash came from Ash.

And about being actively maintained:
https://www.in-ulm.de/~mascheck/various/ash/recent_changes.html

13-02-2021:
    VMWare ESX 6.7.0 has busybox 1.x as system shell 
11-10-2014:
    explicitly mention that ash accepts "{ ...; }" as body in a "for" loop like many other shells (undocumented). Not only that dash threw this out. 
11-05-2014:
    "local -" (make $- local in functions) apparently is the second characteristic feature of ash, thanks to Jilles Tjoelker
    added some fixes on FreeBSD 9.0, thanks to Jilles Tjoelker
    11-05-2014: improved picture concerning android 
12-04-2014:
    added Android 

What is 7 years without updates?

That is the link gathered from the reference you made to wikipedia.

ash is not dash it is a fork mainly specific to alpine and embedded usage, also calling alpine shell unmaintained ? i wont write paragraph on why that is not true, if u check any github or docker file it will be running alpine, alot of companies use alpine, everything in alpine is small and is easier to review, including shell.

the wikipedia links are not up to date because wikipedia is historic not a git comit history lol

instead of arguing with me why not go to any major (and small) tech company or cybersec company and call them out on their use of a “outdated” shell (untrue) ? i am sure they will be all ears as they make their living off tech and last thing they want is to get hacked from using bad ash

Ash is not a user facing shell, it is to run scripts fast, not meant to be a secure shell, it is just small because there is no further development to it.

Including nobody uses that shell except minimal distros, and Whonix is not and does not aim to be.

You gave me the link, I am just using it.


Ash is minimal indeed, but not user facing, not even Debian use it to be interactive, just on the background. Alpine uses, but common people are limited on Alpine.

Instead of focusing which shell is more secure, because I’m aware that Zsh is much bigger than Ash, convince one major distro (Debian, Ubuntu, Fedora) to default to Ash instead of Bash and Zsh and let’s if they find it usable, useful…

Indeed they do not focus on security, but if Whonix starts using Ash, many scripts are still being written in Bash and bash will still be installed, so you haven’t limited that yet.

1 Like

If Whonix ever has a minimal version released, I will myself make it use Ash, but for the time being, it will still be Zsh or Bash.

1 Like

No offense but you come off as somebody who never wrote a shell script in their entire lives and definitely does not know what he is talking about. t. busybox contributor

Ash does not receive many updates or fixes because there is nothing to fix or improve on, unlike all other shells you mentioned who are cluttered with security issues, bugs and possibly more

They do not claim to be security-focused operating systems, unlike Whonix who does.

Ash switch would be a small improvement when compared to current security issues Whonix has. Xfce xorg? that stuff hasn’t updated in years, might as well be older than you.

They work great with few to no modifications when ran on ash. have you read a single script before? now is the time

you don’t have a say in that and you are not a developer, and won’t be due fact you cannot code nor script shown by your clear lack of ability to comprehend that ash is more POSIX compliant than Bash and Zsh and is not cluttered with bugs. it is not too late to start learning basic scripting but mean time stay away from security stuff.

@nyxnor’s first post ever in Whonix forums started with a contribution, that was bringing back the deprecated tor-ctrl back to live:

And much more since then.

An exemplary way of starting becoming a contributor.

See @nyxnor’s github profile:

2 Likes