Best practices shell, to improve :

When printing error messages, please redirect to stderr.
Use echo 'Something unexpected happened' >&2 for this.

And also :

Use set -o xtrace, with a check on $TRACE env variable.

For copy-paste: if [[ "${TRACE-0}" == "1" ]]; then set -o xtrace; fi.
This helps in debugging your scripts, a lot. Like, really lot.
People can now enable debug mode, by running your script as TRACE=1 ./script.sh instead of ./script.sh.

# check that name is a valid variable name:
# note: this code does not support variable_name[index]
shopt -s globasciiranges
[[ "$name" == [a-zA-Z_]*([a-zA-Z_0-9]) ]] || exit

value='babibab'
eval "$name"='$value'  # carefully escape the right-hand side!
echo "$var_37"  # outputs “babibab”

S'échapper des shells restreints.
Et on peut utiliser tar, zip, awk pour lancer un shell interactif, j'en apprends tous les jours...

Une checklist : https://github.com/frizb/Linux-Privilege-Escalation
Une autre : https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite
A regarder : https://www.metahackers.pro/breakout-of-restricted-shell/

Parce que la ligne $(dirname $0) ne marche pas avec les appels du type . ./<script> ou les liens ou les su - ...

BASEDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

et si le script est un lien :

SOURCE="${BASH_SOURCE[0]}"
while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symlink
  BASEDIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
  SOURCE="$(readlink "$SOURCE")"
  [[ $SOURCE != /* ]] && SOURCE="$DIR/$SOURCE" # if $SOURCE was a relative symlink, we need to resolve it relative to the path where the symlink file was located
done
DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"

Exécuter des lignes de commande générées à partir de fichier

cat domains.txt | awk '{system("echo \"aaa "$1 $2 $3"\"")}'

ou :
. ./.bashrc

différences et possiblités des tests Bash [[ ou [

bash color : les couleurs du bash... ou comment avoir un joli bash...

Quelques commandes pratiques (via http://ithake.eu/shaarli/?5OZAaQ)

in bashrc :

PS1="\[\e[0;34m\]\h (\u) \[\e[0;37m\] \$PWD\[\e[0;31m\]\$(__git_ps1)\[\e[0;37m\] \$ "
export PS1

do not forget [ and ] otherwise prompt length has not the right value and cursor goes to beginning of line.