10-27-2006
The BSD version of ps has an option to display the environment of the processes it lists. So in general that is not secure. If you must do that, you can limit the window of exposure by putting the data in the environment just before invoking the script. And then in the script, reset the environment as the first operation.
Try to use a pipe instead.
echo $secretstuff | some_script
and in the script do:
read secretstuff
10 More Discussions You Might Find Interesting
1. Solaris
I am trying to set up my compiler, but when I go to look for
gcc it not found but I get a message
that stayed (/usr/oasys/bin) and when I go into the dir
to set my env the following is type
cp : cannot creat //pref/.environ: no such file or directory
and I input ./setenv PATH=... (3 Replies)
Discussion started by: alsande
3 Replies
2. AIX
hi eveybody,
i m trying to set acl using acledit command in AIX box
but wat im gettung is
3002-100 acledit: EDITOR environment variable not set
can anyone help me out how 2 set editor....................
thanks in advance (4 Replies)
Discussion started by: rrlog
4 Replies
3. Red Hat
Hi there,
How can I change bash to csh when starting a terminal, and set some aliases for csh? I can't find such files like .cshrc in my home directory.
Thanks a lot (1 Reply)
Discussion started by: dustinwang2003
1 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I wrote two small scripts to set env variables in a shell.
java_env.csh
#!/bin/csh -fn
setenv JAVA_HOME '/scratch/software/jdk1.5.0_11'
setenv PATH $PATH':'$JAVA_HOME'/bin'
and run it using csh ./java_env.csh
But the env variables are not set. I tried running each line on the... (5 Replies)
Discussion started by: NoviceAmod
5 Replies
5. Shell Programming and Scripting
I am facing a very strange issue. I have script in ksh with #!/bin/ksh as shebang.
This script has function which sets the env variable before running other functions of the script. by
set_up_env()
{
CONFIG_FILE="/opt/app/tools/deepmarking/latestVersion/script/UploadEnv"
if
then
... (7 Replies)
Discussion started by: Tuxidow
7 Replies
6. Shell Programming and Scripting
I have perl script and in the first line we are invoking .sh script to set ENV variables.
e..g
eval '. $envfile; exec $PERL -S $0 "$@"'
I want to change some of the env variables while the program is running and I am settging it like this ..
$ENV{ORACLE_HOME}=trim($oraclehome);... (1 Reply)
Discussion started by: talashil
1 Replies
7. Post Here to Contact Site Administrators and Moderators
Hello,
Can you please delete or modify a post that contains sensitive data. I can't post full links, here's the end of the link: shell-programming-and-scripting/94965-help-shell-scripting-modify-user-creation-script-oracle-database.html
It's got a lot of data that should never be posted on... (2 Replies)
Discussion started by: JonHeller
2 Replies
8. Post Here to Contact Site Administrators and Moderators
Hi Sir ,
Please remove the following code from the post
https://www.unix.com/unix-for-advanced-and-expert-users/210081-ftp-issue.html
thanks
Prabhu (7 Replies)
Discussion started by: ptappeta
7 Replies
9. Post Here to Contact Site Administrators and Moderators
Hi Sir,
please remove following terms from post as it is sensitive data
https://www.unix.com/shell-programming-and-scripting/235655-print-single-line.html
ifeeds
fidedev
ironsides
feedmgr
thanks a lot
prabhu (1 Reply)
Discussion started by: ptappeta
1 Replies
10. Post Here to Contact Site Administrators and Moderators
Hi
Kindly remove the following from the post . These are confidential info posted by mistake
https://www.unix.com/shell-programming-and-scripting/201037-perl-while-loop-each.html
please remove the comments section which is first 16 lines in the perl script .
Also please remove the ... (1 Reply)
Discussion started by: ptappeta
1 Replies
LEARN ABOUT HPUX
secure_sid_scripts
secure_sid_scripts(5) File Formats Manual secure_sid_scripts(5)
NAME
secure_sid_scripts - controls whether setuid and setgid bits on scripts are honored
VALUES
Failsafe
Default
Allowed values
Recommended values
DESCRIPTION
This tunable controls whether and bits on executable scripts have any effect. Honoring on scripts make a system vulnerable to attack by
malicious users.
The default value for this variable is 1, indicating that bits are to be ignored by the execve(2) system call for higher security. The
tunable can be set to 0 for a compatibility with older releases at the expense of security. Hewlett-Packard strongly recommends that you
not change the value of this tunable unless there is an urgent need to do so.
When a script with bits is executed, the kernel generates the following error message to both the terminal controlling and the system log.
(To view the error message, use dmesg(1M) or inspect
Who is Expected to Change This Tunable?
Administrator.
Restrictions on Changing
Changes to this tunable take effect for new scripts started after the change.
When Should the Value of This Tunable Be Changed?
This tunable controls operational modes rather than data structure sizes and limits. The appropriate setting for a system depends on
whether you consider security or compatibility to be most important.
A value of is compatible with previous releases of HP-UX, but it is also less secure.
A value of provides security against race condition attacks exploiting scripts.
What Are the Side Effects of Changing the Value
This tunable controls only executable scripts (not programs) with bit set. HP-UX does not ship with any such scripts. If the customer
wishes to use scripts, third party applications such as or can be used. Alternatively, the shell script can be wrapped in a simple C pro-
gram that runs the shell script with appropriate permissions:
What Other Tunable Values Should Be Changed at the Same Time?
None.
WARNINGS
None. All HP-UX kernel tunable parameters are release specific. This parameter may be removed or have its meaning changed in future
releases of HP-UX.
Installation of optional kernel software, from HP or other vendors, may cause changes to tunable parameter values. After installation,
some tunable parameters may no longer be at the default or recommended values. For information about the effects of installation on tun-
able values, consult the documentation for the kernel software being installed. For information about optional kernel software that was
factory installed on your system, see at
FILES
AUTHOR
was developed by HP.
SEE ALSO
chmod(1), execve(2), kctune(1M).
Tunable Kernel Parameters secure_sid_scripts(5)