No, you change your user shell to the shell you want. You can do this in the "Accounts" preference pane by control-clicking a user, selecting "Advanced Options" from the context menu, and changing the "Login shell" setting to your preferred shell.
Right....but your user shell has nothing to do with shellshock. Shellshock involves things like Apache invoking system calls that need a shell, and those system calls don't care what your user shell is. They care what /bin/sh and /bin/bash are (or wherever your system shells live, it's /bin for OSX).
This guide is claiming that updating your login shell to bash via Homebrew will mitigate shellshock, which is flat-out wrong, and dangerous to boot.
OK, but nothing in your comment implied that you were talking about the "Shellshock" vulnerability. I believe that a very recent OSX update patched this vulnerability, anyhow.
Oops, a very good point. I should have mentioned that right off the bat: my issue was with calling this a "hacker's guide", when it contains a pretty blatant security issue.
I think the parent poster is talking about eliminating all known-vulnerable bash shells from his machine, not just having the default user shell change.
That should be #!/usr/bin/env bash, particularly for BSD which does not install bash in /bin. Nothing new about absolute executable paths being non-portable, #!/bin/bash is as bad as #!/usr/bin/python.
