Response to "Writing Secure Shell Scripts"

https://www.linuxjournal.com/content/writing-secure-shell-scripts

The first "What file do you seek?" example is safe. I tried it in bash 4.4:

cd "$(mktemp -d)"
# Quote the heredoc delimiter so the outer shell does not expand $name
# while writing the file; otherwise the script would contain a bare "ls -l".
cat > script <<'EOF'
#!/bin/bash
echo -n "What file do you seek? "
read name
ls -l $name
EOF
chmod +x script
./script

I entered:

 . ; echo EVIL

The output was:

What file do you seek? . ; echo EVIL
ls: cannot access ';': No such file or directory
ls: cannot access 'echo': No such file or directory
ls: cannot access 'EVIL': No such file or directory
.:
total 4
-rwxrwxr-x. 1 Robin Robin 69 Feb 5 08:41 script

As you can see, the attempted malicious code was not executed. The malicious code was passed to ls as arguments.

I agree that the next example with eval is dangerous.
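As an added illustration of both points above (not code from the gist or the Linux Journal article), the snippet below feeds the same input the gist tested to a small argument counter: unquoted `$name` arrives as four separate arguments with `;` as plain data, while `eval` re-parses the string and does run the injected `echo`. The `count_args` helper and the hardened `safe_ls` line are assumptions of this example.

```shell
#!/bin/bash
# Added example, not from the gist. Bash splits a command line into words and
# operators *before* it expands $name, so a ';' that arrives through expansion
# is an ordinary argument and never a command separator.

# Constructed stand-in for the value `read name` stores in the gist's test.
name='. ; echo EVIL'

# Report how many arguments a command would receive.
count_args() { echo "$#"; }

# Unquoted expansion: IFS word splitting yields 4 arguments.
argc_unquoted() { count_args $name; }        # -> 4

# Quoted expansion: one argument, with the spaces and ';' kept inside it.
argc_quoted() { count_args "$name"; }        # -> 1

# The third word of the unquoted expansion is the literal string "echo":
# an argument to the surrounding command, not a command of its own.
third_word_unquoted() { set -- $name; printf '%s' "$3"; }   # -> echo

# Contrast: eval re-parses its argument as shell source, so the ';' now
# separates commands and `echo EVIL` really executes. This is the behaviour
# that makes the article's eval variant dangerous.
eval_runs_injected_command() {
  # count_args prints 1 (for "."), then the injected echo prints EVIL.
  eval "count_args $name" | tail -n 1       # -> EVIL
}

# Hardened form of the gist's `ls -l $name`: quote the expansion so the name
# is a single argument, and end option parsing with '--' so a name that
# begins with '-' cannot be taken as an option.
safe_ls() { ls -l -- "$name"; }
```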
