Rebuilding bash source


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users Rebuilding bash source
# 1  
Old 11-07-2017
Rebuilding bash source

so i have many scripts that have to run when the bash source is installed as normal.

however, some users have found a way to build bash from source and while doing so, they altered some default settings.

my question is, what can i put in my script to check that the "flags.c" binary and make sure the "echo_command_at_execute =0" has not been changed?

also, that the BASH_XTRACEFD has not been changed/set.

please advise.

basically, all i want to do is be able to know when a user runs one of my scripts, i want to be able to know if the bash source on the user's machine has been altered from its default state/settings. what can i check for?
# 2  
Old 11-07-2017
You can perform cryptographic hash functions on files to baseline and confirm file integrity.
This User Gave Thanks to Neo For This Post:
# 3  
Old 11-07-2017
I am guessing developers are recompiling some of their environment. You cannot hope to fix this.

If there actually is a completely defined standard environment:
1. use a shebang on all of your code
2. make sure /bin/sh is /bin/bash and /bin/bash has the correct checksum
3. examine and look for LD_PRELOAD settings, or any BASH environment variables

Basically what I see is a big problem. Management should explicitly disallow recompiling/rebuilding system code. The security issues are major here. This is like a hacker free for all, and you are trying to play referee.

Who owns a user's desktop Linux box? The company. Get management buy in and when something fails checksums or some other tests, contact management. If management thinks having folks do stuff like this is okay, then work at getting responsibility for solving script problems foist onto non-conforming users.

In other words do not try to "fix" the code problem, fix the cause instead.
This User Gave Thanks to jim mcnamara For This Post:
# 4  
Old 11-07-2017
Quote:
Originally Posted by jim mcnamara
I am guessing developers are recompiling some of their environment. You cannot hope to fix this.

If there actually is a completely defined standard environment:
1. use a shebang on all of your code
2. make sure /bin/sh is /bin/bash and /bin/bash has the correct checksum
3. examine and look for LD_PRELOAD settings, or any BASH environment variables

Basically what I see is a big problem. Management should explicitly disallow recompiling/rebuilding system code. The security issues are major here. This is like a hacker free for all, and you are trying to play referee.

Who owns a user's desktop Linux box? The company. Get management buy in and when something fails checksums or some other tests, contact management. If management thinks having folks do stuff like this is okay, then work at getting responsibility for solving script problems foist onto non-conforming users.

In other words do not try to "fix" the code problem, fix the cause instead.
thank you so much for the detailed response. what can i look for in the LD_PRELOAD settings? i'll do the scripting. all i need, if you can, is for you to provide me a list of things i should make sure is set a certain way.

a lot of things are outside my control here. so what i can do is make sure my script does not operate if the bash source is not default.

Last edited by SkySmart; 11-07-2017 at 02:38 PM..
# 5  
Old 11-07-2017
You can also try running gdb in non-interactive mode and get the flag variable value:-
Code:
gdb -q /bin/bash -ex "print echo_command_at_execute" -ex quit

This User Gave Thanks to Yoda For This Post:
# 6  
Old 11-07-2017
Quote:
Originally Posted by Yoda
You can also try running gdb in non-interactive mode and get the flag variable value:-
Code:
gdb -q /bin/bash -ex "print echo_command_at_execute" -ex quit


this will work on Ubuntu and Redhat systems and it is perfect!

are there other similar commands i can use that are more portable?
# 7  
Old 11-08-2017
Requiring that your users install gdb to make sure they're not reading your script is rather amusing. gdb is a debugger! gdb may help you a little, but will help them a lot more!

This rube goldbergian arms race is not sustainable.
This User Gave Thanks to Corona688 For This Post:
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Rebuilding computer tomorrow at work

I'm rebuilding my primary computer at work tomorrow. Currently, it has Windows 7. I would like to replace the main system with either Linux or Unix, although I would like to be able to run a fully operational Windows as a VM within that. Any recommendations on which Linux or Unix to go with? I'm... (6 Replies)
Discussion started by: Sean_
6 Replies

2. AIX

Rebuilding a HMC

Hi Guru's, I'm trying to rebuild a very old HMC 7315-C02 the hard disk has gone so needs replacing. I've managed to find an old IDE hard disk lying around but its obvious that it's had windows running on it as the HMC install disks won't recognise the format. I'm trying to install HMC V6 R1.2... (3 Replies)
Discussion started by: elcounto
3 Replies

3. UNIX Desktop Questions & Answers

Help needed tracing source of bash error

Issue resolved: The 'culprit file' was .bash_aliases. It had the naughty  (ASCII for the octal string Bash was detecting and returning an error about). I cleaned it up in Pico (see my post to the thread on favorite editors if you want background on why I use Pico/Nano), re-sourced it via... (0 Replies)
Discussion started by: SilversleevesX
0 Replies

4. Shell Programming and Scripting

bash shell: 'exec', 'eval', 'source' - looking for help to understand

Hi, experts. Whould anybody clear explay me difference and usage of these 3 commands (particulary in bash) : exec eval source I've tryed to read the manual pages but did not get much. Also could not get something useful from Google search - just so much and so not exactly, that is... (3 Replies)
Discussion started by: alex_5161
3 Replies

5. HP-UX

bash...Not found through where(compiling source file)

Hi i have compiled and installed bash 3.2 on my hp-ux parisc its in path /usr/local/pkg/bash/bin/bash .....When im search for this bash (through whereis bash) im not findind but other which i hve done in same procedure( gettext,m4) ..Im able to find through whereis search option can any1... (3 Replies)
Discussion started by: vasanthan
3 Replies

6. Linux

Modifying/Rebuilding non-source PRM?

I can't find a source rpm for a particular tool that I'm trying to modify. I can only get a hold of the noarch and tar.bz2. Can I modify either one of these and re-package them as a noarch.rpm? (2 Replies)
Discussion started by: eur0dad
2 Replies

7. Shell Programming and Scripting

Bash Source Code

Can somebody give me the link to get the source code of BASH? (1 Reply)
Discussion started by: bhargava
1 Replies

8. UNIX for Dummies Questions & Answers

rebuilding sun solaris kernel

How would I rebuild the sun solaris kernel to include my new Oracle paramters? (3 Replies)
Discussion started by: jigarlakhani
3 Replies

9. UNIX for Advanced & Expert Users

Rebuilding Kernel

Dear all, After succesful installation of UNIX SCO WARE 7.0, while booting the system it is displaying as follows: The kernel will be rebuilt to incorporate recent configaration changes Press Enter when ready OR Press Escape to Stop. While pressing Enter, message is coming again and again... (2 Replies)
Discussion started by: konda
2 Replies
Login or Register to Ask a Question