[HN Gopher] Run unknown shell script with a line-by-line confirm...
___________________________________________________________________
Run unknown shell script with a line-by-line confirmation prompt

Author : wlib
Score  : 26 points
Date   : 2021-04-14 20:35 UTC (2 hours ago)

(HTM) web link (gist.github.com)
(TXT) w3m dump (gist.github.com)

| jdeaton wrote:
| Can I use it to run itself?
|
| wlib wrote:
| Not without some modifications, which I did not make because
| the complexity would get crazy with shell scripting
|
| tyingq wrote:
| You can fool it with ^H (Insert with ^V^H in vim)
|
|     #!/bin/sh
|     rm not ^H^H^H^H expected
|
| Gives:
|
|     -> rm expected Run command? [Y/n]
|     rm: cannot remove 'not': No such file or directory
|     rm: cannot remove ''$'\b\b\b\b': No such file or directory
|     rm: cannot remove 'expected': No such file or directory
|
| rhizome wrote:
| Possibly relevant, the bash restricted shell (bash -r):
|
| https://www.gnu.org/software/bash/manual/html_node/The-Restr...
|
| eurasiantiger wrote:
| It's probably possible to craft a script that looks innocuous
| line-by-line, but does something malicious as a whole.
|
| LinuxBender wrote:
| Indeed. If the person does not understand why/what is encoded
| by things like _xxd_ or _base64_ or using _tr_ to swap/filter
| characters, then one should hopefully pull the eject lever.
| When in doubt, one can sandbox scripts and see what they are in
| effect trying to do.
|
| barbazoo wrote:
| > Useful for running unknown scripts
|
| Or just, you know, read them before you run them.
|
| protomyth wrote:
| It would be interesting to have a shell that allowed transactions
| like a database and could list what files have been affected
| while in the transaction.
|
| opk wrote:
| You can also do this with bashdb which is possibly also a more
| robust solution.
|
| e40 wrote:
| Why isn't this solution robust? Seems like using the DEBUG trap
| would be very robust.
|
| m463 wrote:
| accept_whatsapp_terms_and_conditions="true" Run command? [Y/n]
___________________________________________________________________
(page generated 2021-04-14 23:00 UTC)
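
The backspace trick in tyingq's comment works because the prompt prints the raw line to the terminal, so the reviewer approves text that differs from what the shell receives. As an added example (not part of the thread or the gist), this POSIX shell check lists every line of a script that carries control bytes, rendered in `cat -v` form, before anyone is asked to approve it; the function names and the sample file are constructed here.

```shell
#!/bin/sh
# Added example: pre-flight check for hidden control bytes in a script
# that a human is about to approve line by line.
# Note: POSIX sh has no `local`, so the loop variables are global.

# visible_line TEXT: print TEXT with control bytes made visible
# (cat -v shows backspace as ^H, ESC as ^[, CR as ^M).
visible_line() {
    printf '%s\n' "$1" | LC_ALL=C cat -v
}

# report_control_chars FILE: print "FILE:LINENO: <visible text>" for each
# line containing a control byte other than tab. Returns 0 if any such
# line was found, 1 if the file is clean.
report_control_chars() {
    n=0
    found=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        # Delete C0 controls (tab and newline excepted) and DEL, then
        # compare: any difference means the line hides something.
        stripped=$(printf '%s' "$line" | LC_ALL=C tr -d '\000-\010\013-\037\177')
        if [ "$stripped" != "$line" ]; then
            found=1
            printf '%s:%d: %s\n' "$1" "$n" "$(visible_line "$line")"
        fi
    done < "$1"
    [ "$found" -eq 1 ]
}

# Constructed sample reproducing the two-line script from the thread.
sample=$(mktemp)
printf '#!/bin/sh\nrm not \b\b\b\b expected\n' > "$sample"
if report_control_chars "$sample"; then
    echo "hidden control bytes found; do not approve from the rendered text"
fi
rm -f "$sample"
```

This only addresses display spoofing; it does nothing about eurasiantiger's point that a script can be harmless line by line and malicious as a whole.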