Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Attacking Potential of sh-scripts
Special Forums Cybersecurity Attacking Potential of sh-scripts Post 302508489 by disaster on Monday 28th of March 2011 09:27:25 AM
Old 03-28-2011
Attacking Potential of sh-scripts
Hey,

I actually do have a question which seems rather easy for those you know more about this topic, since I am pretty new to bashscripting and don't know where it's limits are I have to ask you guys Smilie

Imagine a system where all possible code execution methods (binary executables or interpreted languages like perl and python) are not possible for the attacker. The only thing he can do is to write and execute shell scripts. But here, he is completly free to do what he wants, but it has to be within a shellscript and not with root rights.

So the question is: How much danger would there be in such a situation? Is it possible to do real harm only using a shellscript? If yes, what kind of stuff can one do? The only thing that came to my mind was deleting files, but as I assume the attacker has only user privilges in this scenario he wouldn't be able to delete the important files.
 

3 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Potential new user of Unix

Hi all, Complete and utter virgin Unix person here (I don't even have the OS yet) As I'm doing a "looking into it" kinda thing before I move from MS I hope my questions are not inappropriate. 1. Should I get some kind off anti virus software. I know Unix is pretty good for not getting them... (2 Replies)
Discussion started by: dhula
2 Replies

2. AIX

how to handle potential file contention

I need to change how a posting procedure currently works in order to improve load balancing but I am hitting a potential file contention problem that I was wondering if someone here could assist me with... In a directory called FilePool I would have a bunch of files that are constantly coming in... (3 Replies)
Discussion started by: philplasma
3 Replies

3. HP-UX

Potential file system contention on directory

We have an 8-processor Itanium system running HP-UX 11.23 connected to shared SAN discs. We have an application that creates files (about 10) in a specific directory. When the application terminates, these files are removed (unlink) and a few others are updated. The directory contains... (8 Replies)
Discussion started by: FDesrochers
8 Replies

LEARN ABOUT OSX

pythonw

PYTHON(1)						    BSD General Commands Manual 						 PYTHON(1)

NAME

     python, pythonw -- an interpreted, interactive, object-oriented programming language

SYNOPSIS

     python ...
     pythonw ...

DESCRIPTION

     To support multiple versions, the programs named python and pythonw now just select the real version of Python to run, depending on various
     settings.	(As of Python 2.5, python and pythonw are interchangeable; both execute Python in the context of an application bundle, which
     means they have access to the Graphical User Interface; thus both can, when properly programmed, display windows, dialogs, etc.)  The current
     supported versions are 2.6 and 2.7, with the default being 2.6.  Use

	   % man python2.6
	   % man python2.7
	   % man pythonw2.6
	   % man pythonw2.7

     to see the man page for a specific version.  Without a version specified,

	   % man pydoc

     and the like, will show the man page for the (unmodified) default version of Python (2.6).  To see the man page for a specific version, use,
     for example,

	   % man pydoc2.7

CHANGING THE DEFAULT PYTHON

     Using

	   % defaults write com.apple.versioner.python Version 2.7

     will make version 2.7 the user default when running the both the python and pythonw commands (versioner is the internal name of the version-
     selection software used).

     To set a system-wide default, replace 'com.apple.versioner.python' with '/Library/Preferences/com.apple.versioner.python' (admin privileges
     will be required).

     The environment variable VERSIONER_PYTHON_VERSION can also be used to set the python and pythonw version:

	   % export VERSIONER_PYTHON_VERSION=2.7 # Bourne-like shells
		or
	   % setenv VERSIONER_PYTHON_VERSION 2.7 # C-like shells
	   % python ...

     This environment variable takes precedence over the preference file settings.

64-BIT SUPPORT
     Versions 2.6 and 2.7 support 64-bit execution (which is on by default).

     Like the version of Python, the python command can select between 32 and 64-bit execution (when both are available).  Use:

	   % defaults write com.apple.versioner.python Prefer-32-Bit -bool yes

     to make 32-bit execution the user default (using '/Library/Preferences/com.apple.versioner.python' will set the system-wide default).  The
     environment variable VERSIONER_PYTHON_PREFER_32_BIT can also be used (has precedence over the preference file):

	   % export VERSIONER_PYTHON_PREFER_32_BIT=yes # Bourne-like shells
		or
	   % setenv VERSIONER_PYTHON_PREFER_32_BIT yes # C-like shells

     Again, the preference setting and environmental variable applies to both python and pythonw.

USING A SPECIFIC VERSION

     Rather than using the python command, one can use a specific version directly.  For example, running python2.7 from the command line will run
     the 2.7 version of Python, independent of what the default version of Python is.

     One can use a specific version of Python on the #! line of a script, but that may have portability and future compatibility issues.

     Note that the preference files and environment variable that apply to the python command, do not apply when running a specific version of
     Python.  In particular, running python2.6 will always default to 64-bit execution (unless one uses the arch(1) command to specifically select
     a 32-bit architecture).

SEE ALSO

     python2.6(1), python2.7(1), pythonw2.6(1), pythonw2.7(1), arch(1)

BSD
								   Aug 10, 2008 							       BSD
All times are GMT -4. The time now is 01:09 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy