Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: List of dangerous shell commands
Top Forums Shell Programming and Scripting List of dangerous shell commands Post 302591182 by tjones1105 on Wednesday 18th of January 2012 07:13:53 PM
Old 01-18-2012
List of dangerous shell commands
Hello,
I have a Application which needs to run shell scripts in a elevated state (root) for system interrogation. So I execute each script using bash -C. This has worked really well.

I now want to add another layer of security, I cant inspect each of the scripts before they get deployed to the systems. So I would like to have my app inspect the script for dangerous command line apps that might be on purpose or a fat finger, like rm; mv; cp; chown; chmod; etc.

I did try running bash in restricted mode but I had issues running some of the scripts. Is there a list or a command I can run to add a layer of protection to protect against something dangerous from happening?

Thanks,
tom
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

List of dangerous Unix command

Hi Guys, I wonder if one of you would have a list of dangerous commands on unix. Regards (8 Replies)
Discussion started by: JBB873
8 Replies

2. Solaris

List of Commands

Dear All, I am a new Administrator of Solaris in the company , I need a list of the commands pls ... Regards Adel (2 Replies)
Discussion started by: ArabOracle.com
2 Replies

3. Shell Programming and Scripting

How to run unix commands in a new shell inside a shell script?

Hi , I am having one situation in which I need to run some simple unix commands after doing "chroot" command in a shell script. Which in turn creates a new shell. So scenario is that - I need to have one shell script which is ran as a part of crontab - in this shell script I need to do a... (2 Replies)
Discussion started by: hkapil
2 Replies

4. UNIX for Advanced & Expert Users

Comparison List of commands

Hi, I would like to have a list of commands in a table, see below example Command description HPUNIX SUN UNIX IBM AIX all above i need comparison list of commands ASAP please.......... B.R (1 Reply)
Discussion started by: f_amshan
1 Replies

5. Shell Programming and Scripting

list files commands

hi all scripting gurus, need some guide and advise from you. i'm trying to list all the files in the year 2004 and the file format is something like this: 11176MZ00004JV900004JVB00004JVCcDBU20041206.txt try to use the symbol ^ but somehow it does not help. i try this as well: ls -ltr |... (12 Replies)
Discussion started by: lweegp
12 Replies

6. Shell Programming and Scripting

List of internal commands ??

Dear Sir/Mam, Can you tell me list of internal commands which are easy to implements...??? Means sir I am a beginner in unix shell programming. So, I just wanted to know that which internal commands are easy to implements in C language. thanks.... (1 Reply)
Discussion started by: ranusahu
1 Replies

7. Shell Programming and Scripting

Can BASH execute commands on a remote server when the commands are embedded in shell

I want to log into a remote server transfer over a new config and then backup the existing config, replace with the new config. I am not sure if I can do this with BASH scripting. I have set up password less login by adding my public key to authorized_keys file, it works. I am a little... (1 Reply)
Discussion started by: bash_in_my_head
1 Replies

8. Linux

Is umount -l dangerous?

I had a umount busy issue, that the usual fuser -mk did not solve, I did a umount -l and was able to unmount the device, I then got in trouble by the storage team staff: Here was a snippet of their response: Using "umount -l" is a potentially dangerous act. The command combination for a lazy... (8 Replies)
Discussion started by: pastajet
8 Replies

9. Shell Programming and Scripting

Any shell or hack that makes the shell command line take vi commands?

basically i'm tired of hitting the left arrow a few dozen times when correcting a mistake or modifying a history command i'd like to use vim style key shortcuts while on the command line so that a 55 moves the cursor 55 places to the left... and i want all the other vi goodies, search of... (3 Replies)
Discussion started by: marqul
3 Replies

10. War Stories

Dangerous rm -rf command

Hello All, I am posting a intresting story which is posted by Mark Brader but actual story is from Mario Wolczko. Original link is here Thanks, R. Singh (4 Replies)
Discussion started by: RavinderSingh13
4 Replies

LEARN ABOUT LINUX

alien::package::rpm

Alien::Package::Rpm(3pm)				User Contributed Perl Documentation				  Alien::Package::Rpm(3pm)

NAME

       Alien::Package::Rpm - an object that represents a rpm package

DESCRIPTION

       This is an object class that represents a rpm package. It is derived from Alien::Package.

FIELDS

       prefixes
	   Relocatable rpm packages have a prefixes field.

METHODS

       checkfile
	   Detect rpm files by their extention.

       install
	   Install a rpm. If RPMINSTALLOPT is set in the environement, the options in it are passed to rpm on its command line.

       scan
	   Implement the scan method to read a rpm file.

       unpack
	   Implement the unpack method to unpack a rpm file. This is a little nasty because it has to handle relocatable rpms and has to do a bit
	   of permissions fixing as well.

       prep
	   Prepare for package building by generating the spec file.

       cleantree
	   Delete the spec file.

       build
	   Build a rpm. If RPMBUILDOPT is set in the environement, the options in it are passed to rpm on its command line.

	   An optional parameter, if passed, can be used to specify the program to use to build the rpm. It defaults to rpmbuild.

       version
	   Set/get version.

	   When retreiving the version, remove any dashes in it.

       postinst
       postrm
       preinst
       prerm
	   Set/get script fields.

	   When retrieving a value, we have to do some truely sick mangling. Since debian/slackware scripts can be anything -- perl programs or
	   binary files -- and rpm is limited to only shell scripts, we need to encode the files and add a scrap of shell script to make it
	   unextract and run on the fly.

	   When setting a value, we do some mangling too. Rpm maintainer scripts are typically shell scripts, but often lack the leading shebang
	   line.  This can confuse dpkg, so add the shebang if it looks like there is no shebang magic already in place.

	   Additionally, it's not uncommon for rpm maintainer scripts to contain bashisms, which can be triggered when they are ran on systems
	   where /bin/sh is not bash. To work around this, the shebang line of the scripts is changed to use bash.

	   Also, if the rpm is relocatable, the script could refer to RPM_INSTALL_PREFIX, which is set by rpm at run time. Deal with this by
	   adding code to the script to set RPM_INSTALL_PREFIX.

       arch
	   Set/get arch field. When the arch field is set, some sanitizing is done first to convert it to the debian format used internally. When
	   it's retreived it's converted back to rpm form from the internal form.

AUTHOR

       Joey Hess <joey@kitenet.net>

perl v5.12.3							    2011-06-11						  Alien::Package::Rpm(3pm)
All times are GMT -4. The time now is 04:13 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy