Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Safely parsing parameters
Top Forums Shell Programming and Scripting Safely parsing parameters Post 302405405 by methyl on Thursday 18th of March 2010 06:48:40 PM
Old 03-18-2010
Sorry drewk, addressed at O/P Corona688.

The original post is unbelievably vague from someone who is concerned about someone executing arbitary code on a unix/Linux? system. Perhaps the post comes from a potential hacker, perhaps not? (I know otherwise).

We have no context. This might be a server open to the Internet offering unsolicited users to type whatever they like. If this is the case I would issue "shutdown -i0 -g0 -y" and crush the server.

On a more practical note. First process and validate any potential unix commands outside of shell.
Last edited by methyl; 03-18-2010 at 08:00 PM.. Reason: spellin
 

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Parsing Parameters

How do you pass parameters over to another script and run the receiving script? . Here is an example of what I am talking about. for x in `cat Allx` do su myaccount -c "/temp/scripts/temp_script $x" > /dev/null 2>$1 $ done I was expecting the tem_script to be... (1 Reply)
Discussion started by: odogbolu98
1 Replies

2. Shell Programming and Scripting

Help with parsing parameters

Hi:- I need to parse a script 3 parameters (file, subject and email address). This is what I currently have: allargs=$* argcount=`echo $allargs | awk -F: '{ print NF }' ` # Total Number of arguments pdffile=`echo $allargs | awk -F: '{ print $1 }' ` # PDF/binary file to be encoded... (4 Replies)
Discussion started by: janet
4 Replies

3. UNIX for Advanced & Expert Users

Can I safely kill vdump?

Sceduled backups with vdump have been delayed as a mounted system had crashed while I was away for 2 weeks. Now there are 5 simultaneous vdumps running very slowly. The full system backup usually takes a whole weekend. Can I safely kill these? (I will have to live without a backup untill next... (4 Replies)
Discussion started by: nickt
4 Replies

4. Shell Programming and Scripting

Help parsing job script input parameters

I have a job script that runs with input parms from the command line. job.sh -p parm1_parm2_parm3_parm4_file_1.dat The parms are separated by _ The last parm is a file name and can have an _ in the name. I currently use the following commands to extract the parms parm1=`eval echo... (3 Replies)
Discussion started by: jclanc8
3 Replies

5. Shell Programming and Scripting

How to safely rm/mv files/directory

Hi all, Am writing a script that does a rm/mv if a file exist, however, in one scenario, one of the variables which is supposed to a variable for a directory is undefined/blank so instead of the variable resolving to /tmp/logfile.dmp, it resolves instead to / so the rm translates to a rm /... (2 Replies)
Discussion started by: newbie_01
2 Replies

6. Programming

Value changed when parsing parameters

I get a strange problem here, and ask for help. (gdb) 28 set_file_bit( file, bytePos, bitPos, argv ); (gdb) p argv $3 = 0xbfffef5c "00" (gdb) s set_file_bit (file=0x804b008, bytePos=2, bitPos=2, binary=0x80490e5 "11") at util/file.c:112 ... (2 Replies)
Discussion started by: 915086731
2 Replies

7. Solaris

How to remove soft link safely

Greetings, I need some help performing a system admin function that I have been tasked with. The request seems simple enough, but my feeling is that it might be more complicated than it seems. Here is what i've been tasked with: SunOS 5.10 Generic_142900-15 sun4u sparc SUNW,SPARC-Enterprise... (3 Replies)
Discussion started by: Harleyrci
3 Replies

8. Solaris

need to safely reboot to cdrom

I am using: reboot -- cdrom However I'm afraid of causing file system errors/corruption. I've seen many threads say that init 6 is safer, but I need to get to CDROM. Is there a command that is as safe as init, but can boot to cdrom, or should I not worry so much about the reboot... (5 Replies)
Discussion started by: lcoreyl
5 Replies

9. Red Hat

Can all files under /tmp be safely removed

I wanted to know whether all files under /tmp can be safely removed. I guess that /tmp may also have temporary files for applications currently being worked on, so at the most those applications may just shut down. I hope that my question is clear whether all files under /tmp can be safely... (5 Replies)
Discussion started by: RHCE
5 Replies

LEARN ABOUT DEBIAN

xpamethod

xpamethod(7)							SAORD Documentation						      xpamethod(7)

NAME

       XPAMethod -  XPA Communication Methods

SYNOPSIS

       XPA supports both inet and unix (local) socket communication.

DESCRIPTION

       XPA uses sockets for communication between processes. It supports three methods of socket communication: inet, localhost, and unix. In gen-
       eral, the same method should be employed for all XPA processes in a session and the global environment variable XPA_METHOD should be used
       to set up the desired method. By default, the preferred method is "inet", which is appropriate for most users. You can set up a different
       method by typing something like:

	 setenv XPA_METHOD local	      # unix csh
	 XPA_METHOD=local; export XPA_METHOD  # unix sh, bash, windows/cygwin
	 set XPA_METHOD=localhost	      # dos/windows

       The options for XPA_METHOD are: inet, unix (or local), and localhost. On Unix machines, this environment setup command can be placed in
       your shell init file (.cshrc, .profile, .bashrc, etc.) On Windows platforms, it can be placed in your AUTOEXEC.BAT file (I think!).

       By default, inet sockets are used by XPA. These are the standard Internet sockets that are used by programs such as Netscape, ftp. etc.
       Inet sockets utilize the IP address of the given machine and a (usually random) port number to communicate between processes on the same
       machine or between different machines on the Internet. (Note that XPA has an Access Control mechanism to prevent unauthorized access of XPA
       access points by other computers on the Net). For users connected to the Internet, this usually is the appropriate communication method.
       For more information about setting up XPA communication between machines, see Communication Between Machines.

       In you are using XPA on a machine without an Internet connection, then inet sockets are not appropriate. In fact, an XPA process often will
       hang for many seconds while waiting for a response from the Domain Name Service (DNS) when using inet sockets. Instead of inet sockets,
       users on Unix platforms can also use unix sockets (also known as local sockets). These sockets are based on the local file system and do
       not make use of the DNS. They generally are considered to be faster than inet sockets, but they are not implemented under Windows. Use
       local sockets as a first resort if you are on a Unix machine that is not connected to the Internet.

       Users not connected to the Internet also can use localhost sockets. These are also inet-type sockets but the IP address used for the local
       machine is the localhost address, 0x7F000001, instead of the real IP of the machine. Depending on how sockets are set up for a given plat-
       form, communication with the DNS usually is not required in this case (though of course, XPA cannot interact with other machines).  The
       localhost method will generally work on both Unix and Windows platforms, but whether the DNS is required or not is subject to individual
       configurations.

       A final warning/reminder: if your XPA-enabled server hangs at startup time and your XPA_METHOD is inet, the problem probably is related to
       an incorrect Internet configuration. This can be confirmed by using the unix method or (usually) the localhost method. You can use these
       alternate methods if other hosts do not need access to the XPA server.

SEE ALSO

       See xpa(7) for a list of XPA help pages

version 2.1.14							   June 7, 2012 						      xpamethod(7)
All times are GMT -4. The time now is 11:39 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy