While Bash isn't the default system shell on FreeBSD (nor is it even installed by default), I certainly hope you're at least using "pkg audit" with things you install from the ports collection, as package signing is only just now available with pkgng and it isn't required. If we're going to have a discussion on things related to security, these points should probably be brought up.

Please explain how scripts which specify #!/bin/bash on the shebang line are going to use something else. An awful lot of scripts have that as their first line.

Please reference the output of "echo $SHELL" in your terminal. Unless you've changed it, Bash (via /bin/bash) is still your default interactive shell. You can change your shell if you like.

Part of my last comment was actually wrong, but you probably won't like the reason it was wrong. While Debian and Ubuntu use dash as the default system shell, Bash is still the default interactive (login) shell. Reference the output of "echo $SHELL" at a prompt on a vanilla Debian or Ubuntu server. I'm sure you'll appreciate this, as I agree it's always important to get our facts right. Cheers.

Wrong. The difference is clear, but it's also clear you lack any semblance of understanding that terms have implications depending on context. Please tell us all how many Linux-based systems you operate that run only a bare kernel.

Wrong. While Debian and Ubuntu (along with various other Debian derivatives) ship with dash as the default interactive shell, here's a nice (non-exhaustive) list of highly popular distributions which use Bash as the default:

• Red Hat
• Fedora
• openSUSE
• Mageia
• Arch
• Slackware

Who cares about that?

Wrong. It's not personal, really. I don't care who you are, but I do care that you made an overt attempt at muddying the waters by acting in an overly pedantic fashion, when said pedantry was clearly in error given the context of the discussion. You can always phone RMS up if want to have a nice "omg yes Linux is not GNU and GNU is not Linux" conversation. That particular point has no value in this context, as the discussion here is on complete operating systems, not bare kernels.

My facts are in order. Are you tired of digging yet? You can always put down the shovel.

Some environments do indeed link /bin/sh to a shell binary of choice. Others use things like dpkg-divert (Debian-based systems) to manage which binaries get run for certain commands, and under FreeBSD default shell selection is typically accomplished via "chsh -s /usr/local/bin/whatevershell" after installing the desired shell (probably via the ports collection). What was your point again?

Please elaborate. I'm deeply troubled by the possibility that my understanding of BSD-based systems might be flawed, since I've been operating a significant amount of infrastructure based on OpenBSD and FreeBSD for over a decade.

No, you're incorrect, and you're making yourself look worse now. Put down the shovel. Let's review, starting with your original post:

An "OS" (operating system) is more than a bare kernel, at least for the systems being discussed in this scope, and this is certainly the case for the overwhelming majority of general purpose computers on our planet. "Linux" in this context refers to operating system distributions which include a Linux kernel and various assortments of userland software, much as FreeBSD/Mac OS X/Windows/etc consists of a kernel and other software. Operating systems do indeed have a concept of a default shell, and this may be expressed as simply as a filesystem link from /bin/sh to whatever program is designated as the default, or it may be a default in another sense such as the default shell assigned to a user account upon its creation if no particular login shell is specified.

The default installed set of software (the "applications") will vary between distributions, and if a vulnerable application (Bash in this case) is not installed, the server running said operating system environment cannot be exploited via any vulnerabilities which may exist in that application. If an administrator chooses to install a particular bit of software, the system then may become exposed to security vulnerabilities in said software, but the important distinction being made here is that computers are not vulnerable to bugs for software which isn't installed. Most popular distributions Linux systems install Bash by default, and it is frequently the default shell.

This is really very simple. Are you still having trouble with comprehension? I suspect you may be attempting to act in a pedantic manner here, but you're doing a poor job of it if that's the case.

You're incorrect. The default shell is tcsh on FreeBSD, and bash isn't even installed by default.

I'm working on some rather large scale parallel network operations, btw.

I suspect we'd get along pretty well. Hit me up if you're ever in Dallas, TX.

While my personal observations in this context are overwhelmingly in agreement with yours, I'll add that there is a subtle difference between office cultures which display visceral disdain for formality and those which merely disregard it as being irrelevant to the core mission of the business. The former may be summarized as "damn the man, we're hip and trendy and full of venture capital, and can you please repeat the question" whereas the latter may be closer to "the attire of a particular group of people only becomes a relevant factor if a strong correlation between utility/intelligence/incompetence is simultaneously noted, and said correlation should not necessarily be assumed to extend to other groups of people."

Given that you bothered to reference "lenght (sic) of time," I find it disheartening that you have also demonstrated apparent failure to comprehend or intelligently consider bounding problems, population density, transmission risks and rates, practical effects of seemingly low mutation rates, microbiology, and systems thinking. In short, all activities involving large scale administration of antibiotics to livestock at dosages resulting in appreciable treatment/prevention efficacy are practices which drive substantial and increasing risks to public health.

The math doesn't lie, and the trending curves of probabilities associated with widespread epidemics aren't exactly uplifting. I'll make a preemptive recommendation that you suppress the urge to post anything resembling a cliché "citation needed" response here. Given the circumstances at hand, devotion of your time to even a cursory review of the aforementioned subject matter would likely be a more productive activity. Such study will necessarily involve your review of all citations referenced in said materials, review of nested citations, etc. You wouldn't want to compound foolishness with yet more foolishness, would you?

I'm willing to admit that I may be entirely wrong in my assessment of your level of knowledge, with the corollary that you are simply betting that your benefits will outweigh your risk in this area for the duration of your lifespan. However, given that I know nothing of your mode of living or the measures of your personal resource reserves on hand for reaction/relocation/adaptation/insulation in response a large scale communicable disease crisis, I must hazard a guess that you're either (A) dangerously ignorant of reality or (B) very well prepared to deal with things turning shitty in a hurry. It is my measured estimation that the odds of your membership in the intersecting set are quite low, given your mid-range UID and the generally incongruous nature of the respective attributes of the A and B sets.

If you work in any field involving network infrastructure, software development, information services, or data management/warehousing and your salary is at all dependent upon your attire, I strongly suggest you inquire with competing firms. You may well find they're paying better and place fewer arbitrary burdens upon their personnel.

I'm not opposed to wearing a well-tailored suit. I've worn many suits over the years, and I once wore a Navy uniform for a living. These facts notwithstanding, your view on this topic is plainly distorted. My professional workplace doesn't have this expectation, and our average employee salary is considerably higher than that of a great many companies with dress codes. Our expectations are that reasonable personal hygiene is attended to and that our employees bring brains and dedication to work every day. As for clothes, the policy is generally "yes, please, nudity might be distracting." This workplace is a rather large, professionally designed, thoughtfully laid out office space. Lunch is also catered every day. You might be doing it wrong.