Attacking Potential of sh-scripts: Post 302508794 by disaster on Tuesday 29th of March 2011 05:07:59 AM
Quote:
Originally Posted by Perderabo
It's not clear to me which executables are available for use in the shell script. A shell script will need the interpreter or it's inert. Can the script use standard utilities like chmod or sed? Can it invoke subsidiary languages like awk, or perl? A language like perl can do almost everything that can be done with an executable.
Well, "standard" programs are available (chmod, chroot etc. are not, for security reasons), and I also managed to prevent scripting languages like perl from executing (i.e. only signed code is executed).

Quote:
Must the cracker actually damage anything? Lots of crackers simply want a copy of your data and avoid damaging stuff to avoid detection. But in your scenario a cracker like that is tolerable?
Didn't really think of that, tbh, but no, I want it as safe as possible.

Quote:
Also what about shared libraries? Are they signed as well?
Yep.

Maybe a short summary of what I want and what I already managed to do: the final target is a system on which only authorized code can be executed, to get maximum control of what is run on it (may seem weird, but we are not talking about a home PC here). I already managed to prevent any non-signed code from running (both binaries and scripting languages like perl or python). For scripting languages this is done via a kernel hook in the script interpreter loader, so I can not only prevent calls like ./hack.pl but also perl hack.pl. The problem is that with my approach I would actually disable the shell, so logging in isn't possible anymore.

Last edited by disaster; 03-29-2011 at 06:13 AM..
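As an added example (not code from the post, and not disaster's kernel hook), here is a user-space model of the two loader checks the post describes: the executable itself must be signed, and a script handed to an interpreter must be signed whether it is run as ./hack.pl or as perl hack.pl. HMAC stands in for the real signature scheme, and the interpreter list, the login-shell exception and all file names are constructed assumptions.

```python
import hashlib
import hmac

# Constructed stand-in for the signing step: a real system would verify a
# public-key signature made at build time; HMAC keeps the example offline.
SIGNING_KEY = b"constructed-demo-key"
# Interpreters whose first non-option argument is a script file, and the one
# shell allowed to run interactively without a script (illustrative choices).
INTERPRETERS = {"/usr/bin/perl", "/usr/bin/python", "/bin/sh"}
LOGIN_SHELL = "/bin/sh"

def sign(content: bytes) -> bytes:
    """What an authorised build step attaches to every approved file."""
    return hmac.new(SIGNING_KEY, content, hashlib.sha256).digest()

def is_signed(content, signature) -> bool:
    return signature is not None and hmac.compare_digest(sign(content), signature)

def check_exec(path, argv, files, interactive_tty=False):
    """Decide one exec request; files maps path -> (content, signature|None).
    Two hooks, as in the post: the binary loader checks the executable itself;
    the interpreter loader checks the script handed to perl/python/sh, so
    `perl hack.pl` is caught as well as `./hack.pl`. Returns (allowed, reason)."""
    content, sig = files.get(path, (None, None))
    if content is None or not is_signed(content, sig):
        return False, f"{path}: executable missing or not signed"
    if content.startswith(b"#!"):
        return True, f"{path}: signed script run directly"
    if path in INTERPRETERS:
        script = next((a for a in argv[1:] if not a.startswith("-")), None)
        if script is None:
            # No script file at all (commands from stdin): only the login shell
            # on a terminal passes; this is the exception the post is missing.
            if path == LOGIN_SHELL and interactive_tty:
                return True, "interactive login shell"
            return False, f"{path}: interpreter without a script file"
        scontent, ssig = files.get(script, (None, None))
        if scontent is None or not is_signed(scontent, ssig):
            return False, f"{script}: script missing or not signed"
    return True, f"{path}: signed"

def demo_files():
    """Constructed sample filesystem: signed interpreters, one signed script,
    and an unsigned /tmp/hack.pl (the name used in the post)."""
    perl, sh = b"\x7fELF perl-stub", b"\x7fELF sh-stub"
    good, bad = b"#!/usr/bin/perl\nprint 'ok';\n", b"print 'hack';\n"
    return {"/usr/bin/perl": (perl, sign(perl)), "/bin/sh": (sh, sign(sh)),
            "/opt/app/good.pl": (good, sign(good)), "/tmp/hack.pl": (bad, None)}
```

Note that `sh -c '...'` and `perl -e '...'` are refused by the same rule that refuses an unsigned file, because the inline code is treated as a script argument that has no signature.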
scotty(1)                         Tnm Tcl Extension                         scotty(1)

NAME
scotty - A Tcl shell including the Tnm extensions.

SYNOPSIS
scotty ?fileName arg arg ...?

DESCRIPTION
scotty is a Tcl interpreter with extensions to obtain status and configuration information about TCP/IP networks. After startup, scotty evaluates the commands stored in .scottyrc and .tclshrc in the home directory of the user.

SCRIPT FILES
If scotty is invoked with arguments then the first argument is the name of a script file and any additional arguments are made available to the script as variables (see below). Instead of reading commands from standard input, scotty will read Tcl commands from the named file; scotty will exit when it reaches the end of the file. If you create a Tcl script in a file whose first line is

    #!/usr/local/bin/scotty2.1.11

then you can invoke the script file directly from your shell if you mark the file as executable. This assumes that scotty has been installed in the default location in /usr/local/bin; if it's installed somewhere else then you'll have to modify the above line to match. Many UNIX systems do not allow the #! line to exceed about 30 characters in length, so be sure that the scotty executable can be accessed with a short file name. An even better approach is to start your script files with the following three lines:

    #!/bin/sh
    # the next line restarts using scotty \
    exec scotty2.1.11 "$0" "$@"

This approach has three advantages over the approach in the previous paragraph. First, the location of the scotty binary doesn't have to be hard-wired into the script: it can be anywhere in your shell search path. Second, it gets around the 30-character file name limit in the previous approach. Third, this approach will work even if scotty is itself a shell script (this is done on some systems in order to handle multiple architectures or operating systems: the scotty script selects one of several binaries to run). The three lines cause both sh and scotty to process the script, but the exec is only executed by sh. sh processes the script first; it treats the second line as a comment and executes the third line. The exec statement causes the shell to stop processing and instead to start up scotty to reprocess the entire script. When scotty starts up, it treats all three lines as comments, since the backslash at the end of the second line causes the third line to be treated as part of the comment on the second line.

VARIABLES
Scotty sets the following Tcl variables:

    argc             Contains a count of the number of arg arguments (0 if none), not including the name of the script file.
    argv             Contains a Tcl list whose elements are the arg arguments, in order, or an empty string if there are no arg arguments.
    argv0            Contains fileName if it was specified. Otherwise, contains the name by which scotty was invoked.
    tcl_interactive  Contains 1 if scotty is running interactively (no fileName was specified and standard input is a terminal-like device), 0 otherwise.

PROMPTS
When scotty is invoked interactively it normally prompts for each command with ``% ''. You can change the prompt by setting the variables tcl_prompt1 and tcl_prompt2. If variable tcl_prompt1 exists then it must consist of a Tcl script to output a prompt; instead of outputting a prompt scotty will evaluate the script in tcl_prompt1. The variable tcl_prompt2 is used in a similar way when a newline is typed but the current command isn't yet complete; if tcl_prompt2 isn't set then no prompt is output for incomplete commands.

SEE ALSO
Tnm(n), Tcl(n)

AUTHORS
Juergen Schoenwaelder <schoenw@cs.utwente.nl>