用户:LianSheng/沙盒


Bash, the default shell on many GNU/Linux systems.

A command shell is a command-line interface to interact with and manipulate a computer's operating system.

General characteristics

Shell Usual environment Usually invoked Introduced Platform-independent Default login shell in Default script shell in License Source code availability User interface Mouse support Unicode support ISO 8601 support Console redirection Stream redirection Configurability Startup/shutdown scripts Batch scripts Logging Available as statically linked, independent single file executable
Thompson shell UNIX sh 1971 不适用 UNIX UNIX 不适用 Text-based CLI 不适用 不适用 不适用 不适用 不适用 不适用 不适用
Bourne shell 1977 version 7th Ed. UNIX sh 1977 Yes[1] 7th Ed. UNIX 7th Ed. UNIX, Proprietary[2] Text-based CLI 不适用 Yes (Template:Refnec) Yes (via variables and options) Yes (.profile) Yes (Unix feature)
Bourne shell current version Various UNIX sh 1977 Yes[3] SunOS-5.x, FreeBSD (non-root user)[4] SunOS-5.x CDDL[5][需要较佳来源] Text-based CLI [nb 1][需要较佳来源] 不适用 Yes (Template:Refnec) Yes (via variables and options) Yes (.profile) Yes (Unix feature) [nb 2]
POSIX shell[6] POSIX sh 1992[7] 不适用 不适用 POSIX 不适用 不适用 Text-based CLI Yes, if used by configured locale 不适用 Yes (Template:Refnec) Yes (via variables and options) Unspecified (.profile given as an example) Yes (Unix feature) 不适用
bash (v4) POSIX bash, sh 1989[8] GNU, Linux (default for root), macOS 10.3–10.14 GNU, Linux, Haiku, macOS 10.3–10.14 GPL Text-based CLI [9][需要较佳来源] Yes (printf builtin) Yes (Template:Refnec) Yes (via variables and options) Yes (/etc/profile, .bash_profile, .bash_login, .profile, .bashrc) Yes (Unix feature)
csh POSIX csh 1978 SunOS ? BSD Text-based CLI ? Yes (stdin, stdout, stdout+stderr) Yes (via variables and options) Yes (~/.cshrc, ~/.login, ~/.logout) Yes (Unix feature)
tcsh POSIX tcsh, csh 1983[10] FreeBSD (default for root), formerly Mac OS X ? BSD Text-based CLI ? Yes (stdin, stdout, stdout+stderr) Yes (via variables and options) Yes (/etc/csh.cshrc, /etc/csh.login, ~/.tcshrc, ~/.cshrc, ~/.history, ~/.login, ~/.cshdirs) Yes (Unix feature)
Hamilton C shell Win32, OS/2 csh 1988[11] 是 (OS/2 version no longer maintained) 可选 可选 专有 Text-based CLI Yes (-t timestamp operator) Yes (stdin, stdout, stdout+stderr) Yes (via variables and options) Yes (via login.csh, startup.csh and logout.csh) Yes (command line option)
Scsh POSIX scsh 1994 ? ? BSD-style ? ? ? ? ? ? ? ? ?
ksh (ksh93t+) POSIX ksh 1983[12][13] AIX, HP-UX OpenSolaris Common Public License Text-based CLI Yes (printf builtin with %(%F)T[14]) Yes (fds up to 9)[14] Yes (via variables and options) Yes (system and user's profile and kshrc) Yes (Unix feature)
pdksh POSIX ksh, sh 1989? OpenBSD[15] OpenBSD[15] Public Domain Text-based CLI 不适用 Yes (Template:Refnec) Yes (via variables and options) Yes (/etc/profile, .profile) Yes (Unix feature)
zsh POSIX zsh 1990 Deepin, GoboLinux, Grml, macOS 10.15+ Grml, macOS 10.15+ MIT-style Text-based CLI via additional code[16] Yes (various internal features involving the date, by using the %F strftime format[17] and the -i option for the fc builtin[18]) Yes (fds up to 9)[19] Yes (via variables, options, functions, styles, etc.) Yes (system and user's zshenv, zprofile, zshrc, zlogin, zlogout) Yes (Unix feature)
ash POSIX sh 1989 Minix, BusyBox based systems NetBSD, Minix, BusyBox based systems BSD-style Text-based CLI 部份 (for BusyBox, supported in command-line editing, but not in string handling[20]) 不适用 Yes (Template:Refnec) Yes (via variables and options) Yes (/etc/profile, .profile) Yes (Unix feature)
CCP CP/M, MP/M (CCP) 1976 (1974) CP/M (no login), MP/M CP/M, MP/M Freeware (originally proprietary) 是 (originally closed-source) Text-based CLI 是 (automatic via $$$.SUB) 部份 (only via external SUBMIT command to update $$$.SUB)
COMMAND.COM DOS COMMAND 1980 否 (3rd party implementations, not bound to a specific DOS vendor or version, available) DOS, Windows 95, 98, SE, ME DOS, Windows 95, 98, SE, ME vendor specific, f.e. MS-EULA,[nb 3] or BSD/GPL (free clones) 否 (except for OpenDOS, DR-DOS, PTS/DOS and FreeDOS) Text-based CLI 否 (except for DR-DOS) 是 (via COMMAND con: or CTTY con:) Yes (stdin, stdout) 是 (via startup parameters and environment variables, DR-DOS also supports DIR /C /R user-default switch command) 是 (automatic \AUTOEXEC.BAT for primary shell, or explicitly via /P, /P:filename.bat or /K startup options) 是 (via CALL command or /C and /K startup options)
OS/2 CMD.EXE OS/2, eComStation, ArcaOS CMD 1987 OS/2, eComStation, ArcaOS OS/2, eComStation, ArcaOS IBM-EULA[nb 4] Text-based CLI Yes (stdin, stdout, stderr) ? 部份 (only via /K startup option) 是 (via CALL command or /C and /K startup options)
Windows CMD.EXE[nb 5] Win32 CMD 1993 Windows NT, 2000, XP, Server 2003, Vista Windows NT, 2000, XP, Server 2003, Vista MS-EULA[nb 6] Text-based CLI 部份 (CHCP 65001 for UTF-8, but program arguments are still encoded in local codepage) 是 (via registry, startup parameters, and environment variables) 是 (automatic via registry, or explicitly via /K startup option) 是 (via CALL command or /C and /K startup options)
4DOS, NDOS DOS, Windows 95, 98, SE, ME 4DOS, NDOS 1989 (1986) No (not bound to a specific OS vendor or version) 可选 可选 MIT License, with restrictions Text-based CLI with TUI extensions 是 (popups, help system, %_MOUSE internal variable, INKEY /M command) 是 (via CTTY con:, except for DRAWBOX, DRAWLINE, DRAWVLINE, LIST, SCREEN, SCRPUT, SELECT, VSCRPUT commands and file / directory coloring) Yes (stdin, stdout, stderr, stdout+stderr) 是 (via 4DOS.INI/NDOS.INI file, startup parameters, environment variables, SETDOS command) 是 (automatic \AUTOEXEC.BAT for primary shell and 4START.BTM/4START.BAT as well as 4EXIT.BTM/4EXIT.BAT for any shell, or explicitly via /P, /P:dir\filename.ext or /K startup options) 是 (via CALL command or /C and /K startup options)
4OS2 OS/2, eComStation, ArcaOS 4OS2 1992 No (not bound to specific OS/2 versions) 可选 (but bundled with ArcaOS) 可选 Freeware Text-based CLI Yes (stdin, stdout, stderr, stdout+stderr) 是 (via 4OS2.INI file, startup parameters, environment variables, SETDOS command) 是 (automatic via 4START.CMD/4START.BTM as well as 4EXIT.CMD/4EXIT.BTM files, or explicitly via /K startup.cmd option) 是 (via CALL command or /C and /K startup options) ?
TCC (formerly 4NT) Win32 TCC 1993 No (not bound to specific NT versions) optional optional Shareware Text-based CLI (Take Command: GUI) 是 (console mouse, popups, help system, %_XMOUSE, %_YMOUSE internal variables, INKEY /M command) Yes (stdin, stdout, stderr, stdout+stderr) 是 (via registry, TCMD.INI/4NT.INI file, startup parameters, environment variables, SETDOS command) 是 (automatic via registry and TCSTART/4START as well as TCEXIT/4EXIT, or explicitly via /K startup option) 是 (via CALL command or /C and /K startup options)
VMS DCL[21] OpenVMS Automatically for login/interactive process 1977? VMS VMS Proprietary, bundled in VMS by special license only Text-based CLI with DECwindows/Motif Yes, at least to 1988 standard Yes (sys$input, sys$output assignment) Yes (via symbols, logical names, and options) Yes (SYS$MANAGER:SYLOGIN.COM and user defined LOGIN.COM)
PowerShell .NET,
.NET Framework
PowerShell 2006 Windows 10, 8, Server 2008, 7[nb 7] Windows 10, 8, Server 2008, 7 MIT-style Graphical CLI Yes (via variables and options) Yes (%USERPROFILE%\Documents \WindowsPowerShell\Microsoft.PowerShell_profile.ps1) Yes (PowerShell feature)
rc Plan 9, POSIX rc 1989 Plan 9, Version 10 Unix Plan 9, Version 10 Unix MIT License[22] ? ? ? ? ? ? ? ? ?
BeanShell Java ? 2005 ? ? LGPL ? ? ? ? ? ? ? ? ?
fish POSIX fish 2005[23] GhostBSD ? GPL Text-based CLI ? ? ? Yes (Template:Refnec) Yes (through environment variables and via web interface through fish_config) Yes (/etc/fish/config.fish and ~/.config/fish/config.fish) Yes (Unix feature) Yes (~/.config/fish/fish_history*) ?
Ion Redox, Linux ion 2015[24] Redox Redox MIT Text-based CLI ? ? Yes (Template:Refnec) Yes (follows the XDG Base Directory spec) Yes (~/.config/ion/initrc) Yes Yes (~/.local/share/ion/history) 部份 (not distributed as a standalone executable, but it can be built as one)
Shell Usual environment Usually invoked Introduced Platform-independent Default login shell in Default script shell in License Source code availability User interface Mouse support Unicode support ISO 8601 support Console redirection Stream redirection Configurability Startup/shutdown scripts Batch scripts Logging Available as statically linked, independent single file executable

Interactive features

Shell Command
name
completion
Path
completion
Command
argument
completion
Wildcard
completion
Command
history
Mandatory
argument
prompt
Automatic
suggestions
Colored
directory
listings
Text
highlighting
Syntax
highlighting
Directory history, stack or similar features Implicit
directory
change
Auto­correction Integrated
environment
Snippets Value
prompt
Menu/options
prompt
Progress
indicator
Context
sensitive
help
Command
builder
Thompson shell ? ?
Bourne shell 1977 version ? ? External
Bourne shell current version [nb 8] [nb 8] 是 (CDPATH, pushd, popd, dirs), CDPATH since SVr4 External
POSIX shell Yes (CDPATH) External
bash (v4.0) when defined [nb 9] Yes (CDPATH, pushd, popd) optional External
csh Yes (cdpath, pushd, popd) optional External
tcsh when defined Yes (cdpath, pushd, popd) optional External
Hamilton C shell Yes (cdpath, pushd, popd) External
Scsh ? ? External
ksh (ksh93t+) Yes (extendable) Yes (extendable) Yes (cdpath builtin, pushd, popd implemented as functions) External
pdksh External
zsh when defined [25] [26] Yes (via predict-on or user-defined[27]) Third-party extension[28] optional when defined (as ZLE widgets) External
ash External
CCP
COMMAND.COM [nb 10][nb 11] 否 (only in DR-DOS through %$ON%, %$OFF%, %$HEADER%, %$FOOTER%) 否 (only single-stepping with COMMAND /Y[29]) 否 (only via external CHOICE command, in DR-DOS also via SWITCH / DRSWITCH internal commands)
OS/2
CMD.EXE
Windows
CMD.EXE
partial partial Yes (F8) Yes (PUSHD, POPD) 是 (via SET /P command)
4DOS [nb 12][nb 13] (via popup, extended directory searches, CDPATH, PUSHD, POPD, DIRHISTORY, DIRS, CDD, CD - commands and %@DIRSTACK[] function) 是 (via INPUT, INKEY and ESET commands) 是 (via @SELECT[] function, and indirectly via a combination of INKEY, INPUT, SWITCH commands) 否 (except for OPTION command for INI file directives)
4OS2 ? ? ? ? ? ? ?
TCC (formerly 4NT) (via popup, extended directory searches, CDPATH, PUSHD, POPD, DIRHISTORY, DIRS, CDD, CD - commands and %@DIRSTACK[] function) 是 (via INPUT, INKEY, ESET and SET /P commands) 是 (via @SELECT[] function, and indirectly via a combination of INKEY, INPUT, SWITCH commands)[nb 14]
PowerShell Yes (F8) Yes; via PSReadLine[30] module (bundled in v5.0[31]) or in ISE[32] Third-party extension[33] [34] Yes; via PSReadLine[30] module (bundled in v5.0) or in ISE[32] Yes (multiple stacks; multiple location types;[35] Push-Location, Pop-Location) Yes, in PSReadLine[30] module Yes, in ISE[32] Yes, in ISE[32] [36] [37] 是, in ISE[32] popup window[38] 是, in ISE[32]
rc [nb 15] [nb 15] [nb 15] ? ? ?
BeanShell ? ?
VMS DCL Minimum uniqueness scheme ? ?
fish when defined or parsable in man pages[39] [39] Yes (built-in helper available[40]) [nb 16] Yes, using abbr command (via fish_config command[41])
Shell Command
name
completion
Path
completion
Command
argument
completion
Wildcard
completion
Command
history
Mandatory
argument
prompt
Automatic
suggestions
Colored
directory
listings
Text
highlighting
Syntax
highlighting
Directory history, stack or similar features Implicit
directory
change
Auto­correction Integrated
environment
Snippets Value
prompt
Menu/options
prompt
Progress
indicator
Context
sensitive
help
Command
builder

Background execution

Background execution allows a shell to run a command in background. POSIX shells and other Unix shells allow background execution by using the & character at the end of command, and in PowerShell you can use Start-Process or Start-Job commands.

Completions

 
Command-line completion in Bash.

Completion features assist the user in typing commands at the command line, by looking for and suggesting matching words for incomplete ones. Completion is generally requested by pressing the completion key (often the Tab ↹ key).

Command name completion is the completion of the name of a command. In most shells, a command can be a program in the command path (usually $PATH), a builtin command, a function or alias.

Path completion is the completion of the path to a file, relative or absolute.

Wildcard completion is a generalization of path completion, where an expression matches any number of files, using any supported syntax for file matching.

Variable completion is the completion of the name of a variable name (environment variable or shell variable). Bash, zsh, and fish have completion for all variable names. PowerShell has completions for environment variable names, shell variable names and — from within user-defined functions — parameter names.

Command argument completion is the completion of a specific command's arguments. There are two types of arguments, named and positional: Named arguments, often called options, are identified by their name or letter preceding a value, whereas positional arguments consist only of the value. Some shells allow completion of argument names, but few support completing values.

Bash, zsh and fish offer parameter name completion through a definition external to the command, distributed in a separate completion definition file. For command parameter name/value completions, these shells assume path/filename completion if no completion is defined for the command. Completion can be set up to suggest completions by calling a shell function.[42] The fish shell additionally supports parsing of man pages to extract parameter information that can be used to improve completions/suggestions. In PowerShell, all types of commands (cmdlets, functions, script files) inherently expose data about the names, types and valid value ranges/lists for each argument. This metadata is used by PowerShell to automatically support argument name and value completion for built-in commands/functions, user-defined commands/functions as well as for script files. Individual cmdlets can also define dynamic completion of argument values where the completion values are computed dynamically on the running system.

Command history

A user of a shell may find that he/she is typing something similar to what the user typed before. If the shell supports command history the user can call the previous command into the line editor and edit it before issuing it again.

Shells that support completion may also be able to directly complete the command from the command history given a partial/initial part of the previous command.

Most modern shells support command history. Shells which support command history in general also support completion from history rather than just recalling commands from the history. In addition to the plain command text, PowerShell also records execution start- and end time and execution status in the command history.

Mandatory argument prompt

Mandatory arguments/parameters are arguments/parameters which must be assigned a value upon invocation of the command, function or script file. A shell that can determine ahead of invocation that there are missing mandatory values, can assist the interactive user by prompting for those values instead of letting the command fail. Having the shell prompt for missing values will allow the author of a script, command or function to mark a parameter as mandatory instead of creating script code to either prompt for the missing values (after determining that it is being run interactively) or fail with a message.

PowerShell allows commands, functions and scripts to define arguments/parameters as mandatory. The shell determines prior to invocation if there is any mandatory arguments/parameters which have not been bound, and will then prompt the user for the value(s) before actual invocation. [43]

Automatic suggestions

 
Command-line completion in PowerShell.

Shells featuring automatic suggestions display optional command-line completions as the user types. The PowerShell and fish shells natively support this feature; pressing the Tab ↹ key inserts the completion.

Implementations of this feature can differ between shells; for example, PowerShell[44] and zsh[45] use an external module to provide completions, and fish derives its completions from the user's command history.[46]

Directory history, stack or similar features

Shells may record a history of directories the user has been in and allow for fast switching to any recorded location. This is referred to as a "directory stack". The concept had been realized as early as 1978[47] in the release of the C shell (csh).

PowerShell allows multiple named stacks to be used. Locations (directories) can be pushed onto/popped from the current stack or a named stack. Any stack can become the current (default) stack. Unlike most other shells, PowerShell's location concept allow location stacks to hold file system locations as well as other location types like e.g. Active Directory organizational units/groups, SQL Server databases/tables/objects, Internet Information Server applications/sites/virtual directories.

Command line interpreters 4DOS and its graphical successor Take Command Console also feature a directory stack.

Implicit directory change

A directory name can be used directly as a command which implicitly changes the current location to the directory.

This must be distinguished from an unrelated load drive feature supported by Concurrent DOS, Multiuser DOS, System Manager and REAL/32, where the drive letter L: will be implicitly updated to point to the load path of a loaded application, thereby allowing applications to refer to files residing in their load directory under a standardized drive letter instead of under an absolute path.[48]

Autocorrection

When a command line does not match a command or arguments directly, spell checking can automatically correct common typing mistakes (such as case sensitivity, missing letters). There are two approaches to this; the shell can either suggest probable corrections upon command invocation, or this can happen earlier as part of a completion or autosuggestion.

The tcsh and zsh shells feature optional spell checking/correction, upon command invocation.

Fish does the autocorrection upon completion and autosuggestion. The feature is therefore not in the way when typing out the whole command and pressing enter, whereas extensive use of the tab and right-arrow keys makes the shell mostly case insensitive.

The PSReadLine[30] PowerShell module (which is shipped with version 5.0) provides the option to specify a CommandValidationHandler ScriptBlock which runs before submitting the command. This allows for custom correcting of commonly mistyped commands, and verification before actually running the command.

Progress indicator

A shell script (or job) can report progress of long running tasks to the interactive user.

Unix/Linux systems may offer other tools support using progress indicators from scripts or as standalone-commands, such as the program "pv".[49] These are not integrated features of the shells, however.

PowerShell has a built-in command and API functions (to be used when authoring commands) for writing/updating a progress bar. Progress bar messages are sent separates from regular command output and the progress bar is always displayed at the ultimate interactive users console regardless of whether the progress messages originates from an interactive script, from a background job or from a remote session.

Interactive table

Output from a command execution can be displayed in a table/grid which can be interactively sorted and filtered and/or otherwise manipulated after command execution ends.

PowerShell Out-GridView cmdlet displays data in an interactive window with interactive sorting and filtering.

Colored directory listings

JP Software command-line processors provide user-configurable colorization of file and directory names in directory listings based on their file extension and/or attributes through an optionally defined %COLORDIR% environment variable.

For the Unix/Linux shells, this is a feature of the ls command and the terminal.

Text highlighting

The command line processors in DOS Plus, Multiuser DOS, REAL/32 and in all versions of DR-DOS support a number of optional environment variables to define escape sequences allowing to control text highlighting, reversion or colorization for display or print purposes in commands like TYPE. All mentioned command line processors support %$ON% and %$OFF%. If defined, these sequences will be emitted before and after filenames. A typical sequence for %$ON% would be \033[1m in conjunction with ANSI.SYS, \033p for an ASCII terminal or \016 for an IBM or ESC/P printer. Likewise, typical sequences for %$OFF% would be \033[0m, \033q, \024, respectively. The variables %$HEADER% and %$FOOTER% are only supported by COMMAND.COM in DR-DOS 7.02 and higher to define sequences emitted before and after text blocks in order to control text highlighting, pagination or other formatting options.

For the Unix/Linux shells, this is a feature of the terminal.

Syntax highlighting

An independent project offers syntax highlighting as an add-on to the Z Shell (zsh).[50] This is not part of the shell, however.

PowerShell provides customizable syntax highlighting on the command line through the PSReadLine[30] module. This module can be used with PowerShell v3.0+, and it's included with v5.0. Additionally, it is loaded by default in the command line host "powershell.exe" in v5.0. The PowerShell ISE also includes syntax highlighting on the command line as well as in the script pane.[51] Take Command Console (TCC) offers syntax highlighting in the integrated environment.

Context sensitive help

4DOS, 4OS2, 4NT / Take Command Console and PowerShell (in PowerShell ISE) looks up context-sensitive help information when F1 is pressed.

Zsh provides various forms of configurable context-sensitive help as part of its run-help widget, _complete_help command, or in the completion of options for some commands.

Command builder

A command builder is a guided dialog which assists the user in filling in a command. PowerShell has a command builder which is available in PowerShell ISE or which can be displayed separately through the Show-Command cmdlet.[52]

Programming features

Shell Functions Exception handling Search & replace on variable substi­tutions Arith­metic Floating point Math function library Linear arrays or lists Assoc­iative arrays Lambda functions eval func­tion Pseudo­random number generation Bytecode
Bourne shell 1977 version Yes (via trap)
Bourne shell current version Yes since SVR2 Yes (via trap) [nb 8]
POSIX shell Yes (via trap)
bash (v4.0) Yes (via trap) Yes (via ${//} syntax) Yes ($RANDOM)
csh Yes (via $var:s/// syntax)
tcsh Yes (via $var:s/// syntax)
Hamilton C shell Yes (via $var:s/// syntax) Yes (random utility)
Scsh ? Yes (via string functions and regular expressions) ? ? ? ? Yes (random-integer, random-real) Yes (compiler is Scheme48 virtual machine, via scshvm)
ksh (ksh93t+) Yes (via trap) Yes (via ${//} syntax and builtin commands) Yes ($RANDOM) Yes (compiler is called shcomp)
pdksh Yes (via trap) Yes ($RANDOM)
zsh Yes (via ${:s//} and ${//} syntax) Yes (zsh/mathfunc module) Yes ($RANDOM) Yes (built-in zcompile command)
ash 是 (via trap) Yes (since 1992)[53]
CCP ? ? ?
COMMAND.COM 部份 (only Auto-fail (via COMMAND /F (or /N in some versions of DR-DOS))
OS/2 CMD.EXE ? ?
Windows CMD.EXE Yes (via CALL :label) Yes (via SET %varname:expression syntax) Yes (via SET /A)[54] Yes (via SET[55]) Yes (%random%)
4DOS Yes (via ON command, optional Auto-fail via 4DOS /F) Yes (via %@Replace[...] function) Yes (via SET /A) ? ? Yes (via ranges, include lists, @file lists and FOR command) Yes (%@Random[...] function) Yes (via BATCOMP command)
4OS2 ? ? ? ? ? ? ? ? 是 (%@Random[...] function) ?
TCC (formerly 4NT) Yes (via ON and various ...MONITOR commands) Yes (via %@Replace[...] function) Yes (via SET /A) ? ? Yes (via ranges, include lists, @file lists and FOR command) ? 是 (%@Random[...] function) 是 (via BATCOMP command)
PowerShell 是 (Try-Catch-Finally) Yes (-replace operator) [Math] class[56] Yes, automatic
rc ? ? ? ?
BeanShell ? ? ?
VMS DCL yes, for compiled programs
fish Yes (via trap) Yes, via string builtin command[57] Yes (random)

String processing and filename matching

Shell String processing Alternation (Brace expansion) Pattern matching (regular expressions built-in) Pattern matching (filename globbing) Globbing qualifiers (filename generation based on file attributes) Recursive globbing (generating files from any level of subdirectories)
Bourne shell 1977 version ? Yes (*, ?, [...])
Bourne shell recent version 部份 (prefix and suffix stripping in variable expansion) Yes (*, ?, [...])
POSIX shell 部份 (prefix and suffix stripping in variable expansion) Yes (*, ?, [...])
bash (v4.0) 部份 (prefix and suffix stripping in variable expansion) Yes (*, ?, [...], {...}) 是 (**/...)
csh Yes (:s and other editing operators)
tcsh Yes (:s and other editing operators)
Hamilton C shell Yes (:s and other editing operators + substr, strlen, strindex, printf, reverse, upper, lower, concat and other builtin functions) Yes (via indefinite directory "..." wildcard[58])
Scsh ? ?
ksh (ksh93t+) 部份 (prefix, suffix stripping and string replacement in variable expansion) [59] Yes (*, ?, [...]) 是 (with set -G, no following of symlinks)
pdksh ? [59]
zsh 是 (through variable processing: e.g. substring extraction, various transformations via parameter expansion) Yes (*, ?, [...], extended globbing[60]) 是 (**/... or ***/... to follow symlinks)
ash ? ?
CCP
COMMAND.COM Yes (*, ?)
OS/2 CMD.EXE Yes (*, ?) 部份 (only in DIR /A:... command)
Windows CMD.EXE 部份 (only through FOR /F and SET /A) No[nb 17] Yes (*, ?) 部份 (only in DIR /A:... command) 是 (via FOR /R command, or, where available, indirectly via /S subdir option)
4DOS 是 (through variable functions %@...[], extended environment variable processing, various string commands and FOR /F and SET /A) Yes (*, ?, [...], extended wildcards, SELECT popup command) 是 (via /A:... attribute and /I"..." description options and /[S...] size, /[T...] time, /[D...] date, and /[!...] file exclusion ranges) 是 (via FOR /R command, or indirectly via GLOBAL command or, where available, /S subdir option)
4OS2 ? ? ? ?
TCC (formerly 4NT) 是 (through variable functions %@...[], extended environment variable processing, various string commands and FOR /F and SET /A) Yes (*, ?, [...], extended wildcards, SELECT popup command) 是 (via /A:... attribute and /I"..." description options and /[S...] size, /[T...] time, /[D...] date, /[O...] owner, and /[!...] file exclusion ranges) 是 (via FOR /R command, or indirectly via GLOBAL command or, where available, /S subdir option)
PowerShell Yes (Concat/Substring/Insert/Remove/Replace, ToLower/ToUpper, Trim/TrimStart/TrimEnd, Compare, Contains/StartsWith/EndWith, Format, IndexOf/LastIndexOf, Pad/PadLeft/PadRight, Split/Join, regular expression functions and other .NET string functions) Range operator for numbers[61] Yes (full regex support)[nb 18] Yes (*, ?, [...]) ? ?
rc ? ?
BeanShell ? ? ? ? ?
VMS DCL 是 (via [SUBDIR...])
fish Yes (builtin string function) Yes yes (via builtin string match and string replace functions) Yes (*, ?, {...}) 是 (**/...)

Inter-process communication

Shell Pipes Command substitution Process substitution Subshells TCP/UDP connections as streams Keystroke stacking
Bourne shell bytes concurrent 不适用[nb 19]
POSIX shell bytes concurrent 不适用[nb 19]
bash (v4.0) bytes concurrent Yes (if system supports /dev/fd/n or named pipes) Yes (client only) 不适用[nb 19]
csh bytes concurrent 不适用[nb 19]
tcsh bytes concurrent 不适用[nb 19]
Hamilton C shell bytes concurrent ?
Scsh text ? ? ? 不适用[nb 19]
ksh (ksh93t+) bytes (may contain serialized objects if print -C is used) concurrent Yes ($(...) and ${<space>...;}) Yes (if system supports /dev/fd/n) Yes (and SCTP support, client only) 不适用[nb 19]
pdksh bytes concurrent 不适用[nb 19]
zsh bytes concurrent Yes (client and server, but only TCP) 不适用[nb 19]
ash bytes concurrent 不适用[nb 19]
CCP
COMMAND.COM text sequential temporary files 部份 (only under DR-DOS multitasker via COMMAND.COM /T)
OS/2 CMD.EXE text concurrent ?
Windows CMD.EXE text concurrent Yes (via FOR /F command) Yes (Backtick: ` in FOR /F usebackq)
4DOS text sequential temporary files Yes (via FOR /F command) ? 部份 (via %@EXECSTR[] and %@EXEC[], or via SET /M, ESET /M and UNSET /M and %@MASTER[...]) 是 (via KEYSTACK and KSTACK)[62]
4OS2 text concurrent ? ? ? 是 (via KEYSTACK)
TCC (formerly 4NT) text concurrent Yes (via FOR /F command) ? 部份 (via %@EXECSTR[] and %@EXEC[]) 是 (via FTP, TFTP, FTPS, SFTP, HTTP, HTTPS and IFTP, client only) 是 (via KEYSTACK)
PowerShell objects concurrent ?
rc text concurrent Yes (via: <{cmd} if system supports /dev/fd/n) ?
BeanShell not supported ? ? ? ?
VMS DCL text (via PIPE command) Yes (spawn) Yes (server TCP only)
fish bytes concurrent 是 (...) No (broken)[63] 不适用[nb 19]

Keystroke stacking

In anticipation of what a given running application may accept as keyboard input, the user of the shell instructs the shell to generate a sequence of simulated keystrokes, which the application will interpret as a keyboard input from an interactive user. By sending keystroke sequences the user may be able to direct the application to perform actions that would be impossible to achieve through input redirection or would otherwise require an interactive user. For example, if an application acts on keystrokes, which cannot be redirected, distinguishes between normal and extended keys, flushes the queue before accepting new input on startup or under certain conditions, or because it does not read through standard input at all. Keystroke stacking typically also provides means to control the timing of simulated keys being sent or to delay new keys until the queue was flushed etc. It also allows to simulate keys which are not present on a keyboard (because the corresponding keys do not physically exist or because a different keyboard layout is being used) and therefore would be impossible to type by a user.

Security features

Template:Importance section

Shell Secure (password) prompt Encrypted variables/ parameters File/directory passwords Execute permission Untrusted script blocking Restricted shell subset Safe data subset
Bourne shell via stty[nb 20] ? 不适用[nb 21]
POSIX shell via stty[nb 20] ? 不适用[nb 21]
bash (v4.0) read -s ? 不适用[nb 21]
csh via stty[nb 20] ? 不适用[nb 21]
tcsh via stty[nb 20] ? 不适用[nb 21]
Hamilton C shell
Scsh via stty[nb 20] ? 不适用[nb 21]
ksh (ksh93t+) via stty[nb 20] ? 不适用[nb 21]
pdksh via stty[nb 20] ? 不适用[nb 21]
zsh read -s ? 不适用[nb 21]
ash via stty[nb 20] ? 不适用[nb 21]
CCP
COMMAND.COM 部份 (only under DR-DOS, prompts for password if file/directory is protected) 部份 (only under DR-DOS via \dirname;dirpwd\filename;filepwd syntax)[nb 22] 部份 (only under DR-DOS, if files are password-protected for read and/or execute permission)[nb 23]
OS/2 CMD.EXE
Windows CMD.EXE
4DOS 是 (via INPUT /P or INKEY /P)[nb 24] 部份 (only under DR-DOS via \dirname;;dirpwd\filename;;filepwd syntax)[nb 22] 部份 (only under DR-DOS, if files are password-protected for read and/or execute permission)[nb 23]
4OS2 ?
TCC (formerly 4NT) 是 (via INPUT /P, INKEY /P or QUERYBOX /P)[nb 24]
PowerShell [nb 25] [nb 26] [64] [nb 27] [65]
rc via stty[nb 20] ? 不适用[nb 21] [66]
BeanShell ? ? ? ? ? ? ?
VMS DCL
fish read -s ? 不适用[nb 21] Yes (via fish -l) ?

Secure prompt

Some shell scripts need to query the user for sensitive information such as passwords, private digital keys, PIN codes or other confidential information. Sensitive input should not be echoed back to the screen/input device where it could be gleaned by unauthorized persons. Plaintext memory representation of sensitive information should also be avoided as it could allow the information to be compromised, e.g., through swap files, core dumps etc.[67]

The shells bash, zsh and PowerShell offer this as a specific feature.[68][69] Shells which do not offer this as a specific feature may still be able to turn off echoing through some other means. Shells executing on a Unix/Linux operating system can use the stty external command to switch off/on echoing of input characters.[70] In addition to not echoing back the characters, PowerShell's -AsSecureString option also encrypts the input character-by-character during the input process, ensuring that the string is never represented unencrypted in memory where it could be compromised through memory dumps, scanning, transcription etc.

Encrypted variables/parameters

If a script reads a password into an environment variable it is in memory in plain text, and thus may be accessed via a core dump. It is also in the process environment, which may be accessible by other processes started by the script.[71]

PowerShell can work with encrypted string variables/parameters.[72] Encrypted variables ensure that values are not inadvertently disclosed through e.g. transcripts, echo'ing, logfiles, memory or crash dumps or even malicious memory scanning. PowerShell also supports saving of such encrypted strings in text files, protected by a key owned by the current user.

Execute permission

Some operating systems define an execute permission which can be granted to users/groups for a file.

On Unix systems, the execute permission controls access to invoking the file as a program, and applies both to executables and scripts. As the permission is enforced in the program loader, no obligation is needed from the invoking program, nor the invoked program, in enforcing the execute permission – this also goes for shells and other interpreter programs. The behaviour is mandated by the POSIX C library that is used for interfacing with the kernel. POSIX specifies that the exec family of functions shall fail with EACCESS (permission denied) if the file denies execution permission (see execve – 系统界面(System Interfaces)参考,单一UNIX®规范第7期,由国际开放标准组织发布).

The execute permission only applies when the script is run directly. If a script is invoked as an argument to the interpreting shell, it will be executed regardless of whether the user holds the execute permission for that script.

Although Windows also specifies an execute permission, none of the Windows-specific shells block script execution if the permission has not been granted.

Untrusted script blocking

Some shells will block scripts determined to be untrustworthy, or refuse to run scripts if mandated by a system administrator.

Script origin execution restriction

PowerShell can be set to block execution of scripts which has been marked as obtained from an unknown/untrusted origin (e.g. the Internet).[73] Internet facing applications such as web browsers, IM clients, mail readers etc. mark files downloaded from the internet with the origin zone in an alternate data stream which is understood by PowerShell.

Signed script restriction

Script/code signing policies can be used to ensure that an operations department only run approved scripts/code which have been reviewed and signed by a trusted reviewer/approver. Signing regimes also protects against tampering. If a script is sent from vendor to a client, the client can use signing to ensure that the script has not been tampered with during transit and that the script indeed originates from the vendor and not an attacker trying to social engineer an operator into running an attack script.

PowerShell can be set to allow execution of otherwise blocked scripts (e.g. originating from an untrusted zone) if the script has been digitally signed using a trusted digital certificate.[74][75][76]

Multilevel execution policies

A company may want to enforce execution restriction globally within the company and/or certain parts of the company. It may want to set a policy for running signed scripts but allow certain parts of the company to set their own policies for zoned restrictions.

PowerShell allows script blocking policies to be enforced at multiple levels: Local machine, current user etc. A higher level policy overrides a lower level policy, e.g. if a policy is defined for the local machine it is in place for all users of the local machine, only if it is left undefined at the higher level can it be defined for the lower levels.

Restricted shell subset

Several shells can be started or be configured to start in a mode where only a limited set of commands and actions is available to the user. While not a security boundary (the command accessing a resource is blocked rather than the resource) this is nevertheless typically used to restrict users' actions before logging in.

A restricted mode is part of the POSIX specification for shells, and most of the Linux/Unix shells support such a mode where several of the built-in commands are disabled and only external commands from a certain directory can be invoked.[77][78]

PowerShell supports restricted modes through session configuration files or session configurations. A session configuration file can define visible (available) cmdlets, aliases, functions, path providers and more.[79]

Safe data subset

Scripts that invoke other scripts can be a security risk as they can potentially execute foreign code in the context of the user who launched the initial script. Scripts will usually be designed to exclusively include scripts from known safe locations; but in some instances, e.g. when offering the user a way to configure the environment or loading localized messages, the script may need to include other scripts/files.[80] One way to address this risk is for the shell to offer a safe subset of commands which can be executed by an included script.

PowerShell data sections can contain constants and expressions using a restricted subset of operators and commands.[81] PowerShell data sections are used when e.g. localized strings needs to be read from an external source while protecting against unwanted side effects.

Notes

  1. ^ Since mid 1990s.
  2. ^ if compiled with -DACCT.
  3. ^ MS-DOS and Windows component – covered by a valid license for MS-DOS or Microsoft Windows.
  4. ^ OS/2 component – covered by a valid license for OS/2.
  5. ^ Command extensions enabled, or "CMD /X".
  6. ^ Windows component – covered by a valid license for Microsoft Windows.
  7. ^ Microsoft PowerShell is installed by default on Windows 7 and later. It is an optional download for users of Windows Vista or Windows XP.
  8. ^ 8.0 8.1 8.2 current versions from Jörg Schilling.
  9. ^ Alt-Shift-8 or Alt-* will expand to the full matching list of filenames.
  10. ^ Available through the DOSKEY add-on.
  11. ^ Available in DR-DOS through HISTORY.
  12. ^ Alternatively available through the DOSKEY add-on as well.
  13. ^ Alternatively available in DR-DOS through HISTORY as well.
  14. ^ TCC has special prompt functions for Yes, No, Cancel, Close, Retry.
  15. ^ 15.0 15.1 15.2 Handled by rio, GNU readline, editline or vrl.
  16. ^ The fish shell is an interactive character based input/output surface.
  17. ^ Not available as a shell built-in. External FINDSTR /R command is available in most Windows releases.
  18. ^ PowerShell leverages the full .NET regular expression engine which features named captures, zero-width lookahead/-behind, greedy/non-greedy, character classes, level counting etc.
  19. ^ 19.00 19.01 19.02 19.03 19.04 19.05 19.06 19.07 19.08 19.09 19.10 xautomation and xdotool can be used to generate keystrokes under X Window System; or a program can be run in a pseudoterminal to be able to control it (as with the expect tool).
  20. ^ 20.0 20.1 20.2 20.3 20.4 20.5 20.6 20.7 20.8 The shell can use the stty utility to suppress echoing of typed characters to the screen. This requires multiple steps: 1. reading the current echo state, 2. switching echo off, 3. reading the input, 4. switching echo state back to the original state.
  21. ^ 21.00 21.01 21.02 21.03 21.04 21.05 21.06 21.07 21.08 21.09 21.10 21.11 The execute permission is enforced by a separate program, the program loader, by refusing to invoke the interpreter (possibly a shell) specified by the script's hashbang. The interpreter does not enforce the execute permission if invoked directly as the program loader would, with the file as an argument; this only requires read permission, as does piping the file as input to the interpreter, in which case the interpreter cannot see the execute permission.
  22. ^ 22.0 22.1 Under DR-DOS the password separator for file and directory passwords is a semicolon. This is also supported under 4DOS for as long as the command does not support include lists. Under 4DOS, the password separator must be doubled for all commands supporting include lists in order to distinguish passwords from include lists. Commands not supporting include lists accept both forms. DR-DOS 7.02 and higher optionally accept a doubled semicolon as well, so that doubled semicolons work under both COMMAND.COM and 4DOS regardless of the command executed.
  23. ^ 23.0 23.1 DR-DOS supports file passwords for read/write/delete and optionally execute permissions. Files are not protected by default, but the system can be set up so that f.e. batch scripts require a password to read.
  24. ^ 24.0 24.1 INPUT /P and INKEY /P echoes back asterisks for each typed character.
  25. ^ Read-Host -AsSecureString reads a string of characters from the input device into an encrypted string, one character at a time thus ensuring that there is no memory image of the clear text which could be gleaned from scanning memory, or from crash dumps, memory dumps, paging files, log files or similar.
  26. ^ PowerShell script files (.ps1 files) are by default associated with the Notepad editor, not with the PowerShell execution engine. Invoking a .ps1 file will launch Notepad rather than executing the script.
  27. ^ Startup scripts per computer/user can import modules and expose a subset the commands/functions available in the modules.

References

  1. ^ A platform independent version based on the historical UNIX V7 original source code is available from Geoff Collyer
  2. ^ The historic UNIX V7 version is available under a BSD-style license through the Unix Heritage Society and others.
  3. ^ A platform independent version based on the SVr4/Solaris source code is available from Jörg Schilling
  4. ^ Ferrell, John, Chapter 2. Default Shell, FreeBSD Quickstart Guide for Linux Users, The FreeBSD Documentation Project, [2015-07-24] 
  5. ^ SchilliX-ON / SchilliX-ON Mercurial / [b1d9a2] /usr/src/cmd/sh. Sourceforge.net. [2015-07-02]. 
  6. ^ IEEE and The Open Group. IEEE 1003.1 Standard for Information Technology – Portable Operating System Interface (POSIX): Shell and Utilities, Issue 7. 2008. 
  7. ^ As part of IEEE Std.1003.2-1992 (POSIX.2); integrated into IEEE Std.1003.1 with the 2001 revision.
  8. ^ Fox, Brian. Tower Jr., Leonard H. , 编. Bash is in beta release!. Newsgroupgnu.announce. 1989-06-07 [2010-10-28]. Usenet: [email protected]. 
  9. ^ Cooper, Mendel, Chapter 37.3.2. Bash, version 4.2, Advanced Bash-Scripting Guide, The Linux Documentation Project, [2015-04-30] , "Bash now supports the \u and \U Unicode escape."
  10. ^ Greer, Ken. C shell with command and filename recognition/completion. Newsgroupnet.sources. 1983-10-03 [2010-12-29]. 
  11. ^ Sussman, Ann. Hamilton C Shell Speeds Development Of OS/2 Applications (PDF). PC Week. 1988-12-26, (1988-12-26 - 1989-01-02): 37 [2010-11-22]. 
  12. ^ Gomes, Ron. Toronto USENIX Conference Schedule (tentative). Newsgroupnet.usenix. 1983-06-09 [2010-12-29]. 
  13. ^ Harris, Guy. csh question. Newsgroupnet.flame. 1983-10-10 [2010-12-29]. 
  14. ^ 14.0 14.1 ksh93(1) man page
  15. ^ 15.0 15.1 Default shell in OpenBSD is ksh (pdksh).
  16. ^ The zsh command line editor is fully configurable and can allow mouse support in various ways such as with Stéphane Chazelas's mouse.zsh.
  17. ^ zsh(1) man page and subpages
  18. ^ zshbuiltins(1) man page
  19. ^ Lefevre, Vincent. multi-digit file descriptors. zsh-users (邮件列表). 2015-02-11 [2021-12-23]. 
  20. ^ #782228 - busybox sh doesn't support multibyte characters in string handling - Debian Bug report logs. Bugs.debian.org. 2015-04-09 [2015-07-02]. 
  21. ^ HP OpenVMS DCL Dictionary. [2009-03-23]. (原始内容存档于25 March 2007). 
  22. ^ Larabel, Michael. Plan 9 Copyright Transferred To Foundation, MIT Licensed Code Released. Phoronix. 2021-03-23 [2021-03-28]. 
  23. ^ Liljencrantz, Axel. Fish - The friendly interactive shell. 2005-05-17 [2013-04-08]. 
  24. ^ Soller, Jeremy. d79c8f511573fb7710abc63b4236a40022914520. 2015-11-15 [2019-08-03]. 
  25. ^ [Z Shell] Completion System. Zsh.sourceforge.io. [2015-02-24]. 
  26. ^ This applies only on reserved words and other syntactic features.
  27. ^ e.g. via 3rd party such as zsh-autosuggestions
  28. ^ zsh does not feature syntax highlighting, but a 3rd party project exists which offers this capability as an add-on: zsh-syntax-highlighting
  29. ^ Paul, Matthias R. Caldera OpenDOS 7.01/7.02 Update Alpha 3 IBMBIO.COM - README.TXT and BOOT.TXT - A short description of how OpenDOS is booted. 1997-10-02 [1997-09-29] [2009-03-29]. (原始内容存档于2003-10-04).  [1]
  30. ^ 30.0 30.1 30.2 30.3 30.4 Shirk, Jason. [2] PSReadLine: A bash inspired readline implementation for PowerShell]. 15 February 2018 –通过GitHub. 
  31. ^ Archived copy. [8 September 2016]. (原始内容存档于17 September 2016).  已忽略未知参数|df= (帮助)
  32. ^ 32.0 32.1 32.2 32.3 32.4 32.5 Windows PowerShell Integrated Scripting Environment (ISE). Microsoft Technet. [2015-09-12]. 
  33. ^ Get-ChildItemColor. GitHub. 18 March 2022. 
  34. ^ sdwheeler. Write-Host (Microsoft.PowerShell.Utility) - PowerShell. docs.microsoft.com. [18 January 2022]. 
  35. ^ Push-Location (with alias pushd) and Pop-Location (with alias popd) allows multiple location types (directories of file systems, organizational units of Active Directory, nodes of Windows Registry etc) to be pushed onto and popped from location stacks.
  36. ^ The $host.ui.PromptForChoice function allows for a menu-style prompt for choices. The prompt works from background jobs as well as from remote sessions, displaying the menu prompt on the console of the controlling session.
  37. ^ The Write-Progress cmdlet writes a progress bar which can indicate percentage, remaining seconds etc. The progress bar messages work from background jobs or remote sessions in addition to interactive scripts, i.e. the progress bar is displayed on the console of the controlling session, not as part of the regular output.
  38. ^ The Show-Command cmdlet inspects the command definition and opens an interactive windows with a named input field for each parameter/switch
  39. ^ 39.0 39.1 fish: Documentation. Section Tab completion. [2016-01-10]. 
  40. ^ set_color - set the terminal color — fish-shell 3.1.2 documentation. fishshell.com. [2021-02-23]. (原始内容存档于17 February 2020). 
  41. ^ abbr - manage fish abbreviations — fish-shell 3.1.2 documentation. fishshell.com. [2021-02-23]. 
  42. ^ zsh: 20. Completion System. Zsh.sourceforge.io. 2013-03-06 [2013-08-18]. 
  43. ^ Use PowerShell to Make Mandatory Parameters. Blogs.technet.com. 22 May 2011 [2015-02-24]. 
  44. ^ sdwheeler. What's New in the PowerShell 5.0 ISE - PowerShell. docs.microsoft.com. [2021-07-25] (美国英语). 
  45. ^ GitHub - marlonrichert/zsh-autocomplete: 🤖 Real-time type-ahead completion for Zsh. Asynchronous find-as-you-type autocompletion.. GitHub. [2021-07-25] (英语). 
  46. ^ Interactive use — fish-shell 3.3.1 documentation. fishshell.com. [2021-07-25]. 
  47. ^ Hahn, Harley. Harley Hahn's guide to Unix and Linux. Boston: McGraw-Hill Higher Education. 2009. ISBN 978-0-07-313361-4. OCLC 184828059. 
  48. ^ Concurrent DOS 386 - Multiuser/Multitasking Operating System - User Guide (PDF). Digital Research. 
  49. ^ pv(1): monitor progress of data through pipe - Linux man page. Linux.die.net. [2015-02-24]. 
  50. ^ zsh-users/zsh-syntax-highlighting: Fish shell like syntax highlighting for Zsh. GitHub. [2013-08-18]. 
  51. ^ Windows PowerShell 3.0 Integrated Scripting Environment (ISE). Technet.microsoft.com. [2013-08-18]. 
  52. ^ Show-Command. Technet.microsoft.com. [2013-08-18]. 
  53. ^ Ash Variants. [15 December 2014]. (原始内容存档于10 March 2010). 
  54. ^ Set - Environment Variable - Windows CMD. SS64.com. [2015-02-24]. 
  55. ^ How to loop through array in batch?. Stack Overflow. [2015-02-24]. 
  56. ^ The .NET System.Math class defines mathematical functions that can be used through the shortcut [Math], e.g. [Math]::Sin for the sinus function.[3]
  57. ^ string - manipulate strings — fish-shell 3.1.2 documentation. fishshell.com. [2021-02-23]. 
  58. ^ Hamilton C shell Language reference: Wildcarding and pattern matching, Hamilton Laboratories, [2013-10-29], ... Indefinite Directory: match any number of directory levels – zero or more – whatever it takes to make the rest of the pattern match. 
  59. ^ 59.0 59.1 Seebach, Peter. Beginning Portable Shell Scripting: From Novice to Professional. Expert's voice in open source. Apress. 21 November 2008: 149 (2008) [2014-09-17]. ISBN 9781430210436. Brace expansion is available in ksh93, pdksh, bash, and zsh. 
  60. ^ Zsh offers a variety of globbing options.
  61. ^ sdwheeler. about Operators - PowerShell. docs.microsoft.com. [18 January 2022]. 
  62. ^ Brothers, Hardin; Rawson, Tom; Conn, Rex C.; Paul, Matthias R.; Dye, Charles E.; Georgiev, Luchezar I. 4DOS 8.00 online help. 2002-02-27. 
  63. ^ find a way to make 'psub --fifo' safe from deadlock · Issue #1040 · fish-shell/fish-shell. GitHub. 
  64. ^ About Execution Policies. Technet.microsoft.com. [2015-02-24]. 
  65. ^ About Data Sections. Technet.microsoft.com. [2015-02-24]. 
  66. ^ Ubuntu Manpage: rc - shell. Manpages.ubuntu.com. 2003-07-17 [2015-02-24]. 
  67. ^ Provos, Niels. Encrypting Virtual Memory. Center for Information Technology Integration, University of Michigan. [2012-12-20]. 
  68. ^ bash - GNU Bourne-Again SHell. read -s Silent mode. If input is coming from a terminal, characters are not echoed. 
  69. ^ Using the Read-Host Cmdlet. By adding the -assecurestring parameter you can mask the data entered at the prompt 
  70. ^ Linux / Unix Command: stty. Linux.about.com. [2015-02-24]. 
  71. ^ Albing, Carl; Vossen, J. P.; Newham, Cameron. 3.8. Prompting for a Password. Bash cookbook  1st. Sebastopol, California: O'Reilly Media. 2007: 65. ISBN 978-0-596-52678-8. Be aware that if you read a password into an environment variable it is in memory in plain text, and thus may be accessed via a core dump or /proc/core. It is also in the process environment, which may be accessible by other processes. 
  72. ^ Holmes, Lee. SecureStrings in PowerShell. [2012-12-18]. 
  73. ^ PowerShell Security :: Windows OS Security :: Articles & Tutorials. WindowSecurity.com. 13 September 2007 [2013-08-18]. 
  74. ^ Signing PowerShell Scripts. Hanselman.com. [2015-12-24]. 
  75. ^ Hey, Scripting Guy! How Can I Sign Windows PowerShell Scripts with an Enterprise Windows PKI? (Part 2 of 2) - Hey, Scripting Guy! Blog - Site Home - TechNet Blogs. Blogs.technet.com. 17 June 2010 [2013-08-18]. 
  76. ^ Running Windows PowerShell Scripts. Technet.microsoft.com. [2013-08-18]. 
  77. ^ man sh - shell, the standard command language interpreter / posix. Pwet.fr. [2013-08-18]. (原始内容存档于21 December 2014) (法语). 
  78. ^ Bash Reference Manual: The Restricted Shell. Gnu.org. 2010-12-28 [2013-08-18]. 
  79. ^ New-PSSessionConfigurationFile. Technet.microsoft.com. [2013-08-18]. 
  80. ^ Albing, Carl; Vossen, J. P.; Newham, Cameron. Bash cookbook 1st. Sebastopol, California, USA: O'Reilly Media. 2007. ISBN 978-0-596-52678-8. [...] is hardly what one thinks of as a passive list of configured variables. It can run other commands (e.g., cat) and use if statements to vary its choices. It even ends by echoing a message. Be careful when you source something, as it's a wide open door into your script. 
  81. ^ About Data Sections. Microsoft. [2012-12-18].