Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Attacking Potential of sh-scripts
Special Forums Cybersecurity Attacking Potential of sh-scripts Post 302508899 by Perderabo on Tuesday 29th of March 2011 11:23:47 AM
Old 03-29-2011
If simply reading files needs to be prevented you are going to be out of luck with your approach. With bash or ksh a user with no access to any executables can do stuff like:
Code:
function cat { while read l ; do echo "$l" ; done < $1 ; }
function ls { while [ $# -ne 0 ] ; do echo "$1" ; shift; done ;}

and browse the system for any readable files. You really need to put users in a chroot jail and ensure that they have no root access to get true security.
 

3 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Potential new user of Unix

Hi all, Complete and utter virgin Unix person here (I don't even have the OS yet) As I'm doing a "looking into it" kinda thing before I move from MS I hope my questions are not inappropriate. 1. Should I get some kind off anti virus software. I know Unix is pretty good for not getting them... (2 Replies)
Discussion started by: dhula
2 Replies

2. AIX

how to handle potential file contention

I need to change how a posting procedure currently works in order to improve load balancing but I am hitting a potential file contention problem that I was wondering if someone here could assist me with... In a directory called FilePool I would have a bunch of files that are constantly coming in... (3 Replies)
Discussion started by: philplasma
3 Replies

3. HP-UX

Potential file system contention on directory

We have an 8-processor Itanium system running HP-UX 11.23 connected to shared SAN discs. We have an application that creates files (about 10) in a specific directory. When the application terminates, these files are removed (unlink) and a few others are updated. The directory contains... (8 Replies)
Discussion started by: FDesrochers
8 Replies

LEARN ABOUT CENTOS

gnutls_pubkey_get_preferred_hash_algorithm

gnutls_pubkey_get_preferred_hash_algorithm(3)			      gnutls			     gnutls_pubkey_get_preferred_hash_algorithm(3)

NAME

       gnutls_pubkey_get_preferred_hash_algorithm - API function

SYNOPSIS

       #include <gnutls/abstract.h>

       int	      gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t	    key,	    gnutls_digest_algorithm_t		 *
       hash, unsigned int * mand);

ARGUMENTS

       gnutls_pubkey_t key
		   Holds the certificate

       gnutls_digest_algorithm_t *					       hash
		   The result of the call with the hash algorithm used for signature

       unsigned int * mand
		   If non zero it means that the algorithm MUST use this hash. May be NULL.

DESCRIPTION

       This function will read the certifcate and return the appropriate digest algorithm to use for signing with this certificate. Some  certifi-
       cates (i.e.  DSA might not be able to sign without the preferred algorithm).

       To  get the signature algorithm instead of just the hash use gnutls_pk_to_sign() with the algorithm of the certificate/key and the provided
       hash .

RETURNS

       the 0 if the hash algorithm is found. A negative error code is returned on error.

SINCE

       2.12.0

REPORTING BUGS

       Report bugs to <bug-gnutls@gnu.org>.
       General guidelines for reporting bugs: http://www.gnu.org/gethelp/
       GnuTLS home page: http://www.gnu.org/software/gnutls/

COPYRIGHT

       Copyright (C) 2012 Free Software Foundation, Inc..
       Copying and distribution of this file, with or without modification, are permitted in any medium without  royalty  provided  the  copyright
       notice and this notice are preserved.

SEE ALSO

       The  full documentation for gnutls is maintained as a Texinfo manual.  If the info and gnutls programs are properly installed at your site,
       the command

	      info gnutls

       should give you access to the complete manual.  As an alternative you may obtain the manual from:

	      http://www.gnu.org/software/gnutls/manual/

gnutls								      3.1.15			     gnutls_pubkey_get_preferred_hash_algorithm(3)
All times are GMT -4. The time now is 02:39 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy