James Turnbull has published a nice small list of seven tips for optimizing shell script security.
The shell script is ubiquitous on Linux hosts. Administrators use shell scripts to run backups, purge /tmp directories, monitor processes and create users, just to name a few tasks. Some applications are written in shell script also, and some users rely on shell scripts for installation or integration purposes.
Despite their widespread usage, many shell scripts are written with little to no consideration for security. Worse, due to some inherent weaknesses and a complex syntax, writing secure shell scripts can be pretty difficult. This tip will provide some simple tips for how to make your shell scripts as secure as possible.
This is a good read for all new admins.